Update ldap

author Alan Buxey <alan.buxey@gmail.com>

Mon, 20 Jul 2015 11:13:39 +0000 (12:13 +0100)

committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>

Fri, 24 Jul 2015 12:33:04 +0000 (08:33 -0400)
author Alan Buxey <alan.buxey@gmail.com>
Mon, 20 Jul 2015 11:13:39 +0000 (12:13 +0100)
committer Arran Cudbard-Bell <a.cudbardb@freeradius.org>
Fri, 24 Jul 2015 12:33:04 +0000 (08:33 -0400)
diff --git a/raddb/mods-available/ldap b/raddb/mods-available/ldap

index a4532c83127d609378e1085b0bf195cb4d6d0e1d..6c78d8c55e09437c2b9a8f650f2117cfcbdb172d 100644 (file)
--- a/raddb/mods-available/ldap
+++ b/raddb/mods-available/ldap
@@ -488,13 +488,16 @@ ldap {
  #              private_key_file = /path/to/radius.key
  #              random_file = /dev/urandom
  
-               #  Certificate Verification requirements.  Can be:
-               #    'never' (don't even bother trying)
-               #    'allow' (try, but don't fail if the certificate
-               #               can't be verified)
-               #    'demand' (fail if the certificate doesn't verify.)
-               #
-               #  The default is 'allow'
+               #  Certificate Verification requirements.  Can be:
+               #    'never' (do not even bother trying)
+               #    'allow' (try, but don't fail if the certificate
+               #               cannot be verified)
+               #    'demand' (fail if the certificate does not verify)
+               #    'hard'  (similar to 'demand' but fails if TLS 
+               #             cannot negotiate)
+               #
+               #  The default is 'demand'
+
  #              require_cert    = 'demand'
         }
author	Alan Buxey <alan.buxey@gmail.com>
	Mon, 20 Jul 2015 11:13:39 +0000 (12:13 +0100)
committer	Arran Cudbard-Bell <a.cudbardb@freeradius.org>
	Fri, 24 Jul 2015 12:33:04 +0000 (08:33 -0400)