Regression #16261

open

RADIUS connection to upstream LDAP server cannot be set up over TLS

Added by Didier Raboud 3 months ago. Updated 3 months ago.

Status: New
Priority: High
Assignee: -
Category: FreeRADIUS
Target version: -
Start date:
Due date:
% Done: 0%
Estimated time:
Plus Target Version:
Affected Version: 2.8.0
Affected Plus Version:
Affected Architecture: All

Description

After upgrading from 2.7.x to 2.8.0, radiusd did not start with these errors:

Jun 12 15:02:37     radiusd     581     /usr/local/etc/raddb/mods-enabled/ldap[1]: Invalid configuration for module "ldap" 
Jun 12 15:02:37     radiusd     581     /usr/local/etc/raddb/mods-enabled/ldap[29]: Failed parsing configuration item "certificate_file" 
Jun 12 15:02:37     radiusd     581     Unable to check file "/usr/local/etc/raddb/certs/radius_ldap1_cert.crt": No such file or directory

Luckily (sic), I can disable TLS handling and get RADIUS connectivity from the radiusd daemon to our LDAP server; but that's not OK.

No toggle of TLS settings (or setting the certificate to the correct root CA certificate) has helped; and this worked fine in 2.7.0.
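
A pre-start check for the "Unable to check file" failure in the log above, as an added example that is not part of the original report or of the pfSense or FreeRADIUS code: it lists the file-valued TLS items in an ldap module file and flags any whose target is missing or unreadable. The function names, the sample config, its host name and its paths are constructed for illustration; `ca_file` and `private_key_file` are the other file items of the FreeRADIUS ldap `tls` section.

```shell
# Added example (not from the report): flag ldap TLS file items whose target is missing.
# Print "<item> <path> OK|MISSING" for each file-valued TLS item in config $1.
# Returns 0 if every referenced file is readable, 1 otherwise (paths with spaces unsupported).
check_ldap_tls_files() {
    rc=0
    # Strip comments, then keep only name = "value" lines for the file items.
    found=$(sed -E -n \
        -e 's/#.*$//' \
        -e 's/^[[:space:]]*(ca_file|certificate_file|private_key_file)[[:space:]]*=[[:space:]]*"?([^"[:space:]]+)"?[[:space:]]*$/\1 \2/p' \
        "$1") || return 2
    while read -r item path; do
        [ -n "$item" ] || continue
        if [ -r "$path" ]; then
            echo "$item $path OK"
        else
            echo "$item $path MISSING"
            rc=1
        fi
    done <<EOF
$found
EOF
    return "$rc"
}

# Constructed sample config: ca_file exists, certificate_file does not.
make_sample() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/ldapchk.XXXXXX") || return 1
    : > "$d/ca.crt"
    cat > "$d/ldap" <<EOF
ldap {
    server = "ldap.example.test"
    tls {
        start_tls = yes
        ca_file = "$d/ca.crt"
        # certificate_file = "$d/old.crt"
        certificate_file = "$d/radius_ldap_cert.crt"
    }
}
EOF
    echo "$d"
}

sample=$(make_sample)
check_ldap_tls_files "$sample/ldap" || echo "at least one referenced TLS file is missing"
rm -rf "$sample"
```

On the system from the report, the argument would be the module file named in the log, `/usr/local/etc/raddb/mods-enabled/ldap`.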
