This is a discussion on apache 2.0, mod_auth_ldap over SSL failing with can't connect ldap server within the Apache Web Server forums, part of the Web Server and Related Forums category.

Here is my conf.d/dir_access.conf

LDAPTrustedCA /etc/httpd/conf/ssl.crt/server.crt
LDAPTrustedCAType BASE64_FILE

<Location /mypath>
  AuthLDAPAuthoritative On
  AuthLDAPEnabled On
  AuthType Basic
  AuthName "LDAP Login"
  AuthLDAPURL "ldaps://ldap.example.com:636/ou=users,dc=example,dc=com?uid?sub"
  require valid-user
</Location>

And my /etc/openldap/ldap.conf to disable all certificate validation checks

TLS_REQCERT never

My error messages look as follows:

[Tue Dec 05 23:30:11 2006] [notice] Apache/2.0.52 (Red Hat) configured -- resuming normal operations
[Tue Dec 05 23:30:18 2006] [warn] [client xxx.xxx.xxx.xxx] [28729] auth_ldap authenticate: user astokes authentication failed; URI /mypath/ [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server]

Is this still an issue with TLS? I am able to manually bind over ssl as my user using ldapsearch setting both TLS_REQCERT allow/never, but apache is failing and I am at a loss why :(

Any suggestions?
One more thing, I've tested this over non-ssl and it works like a champ.

On Dec 5, 11:47 pm, "Adam Stokes" <adam.sto...@gmail.com> wrote:
> Here is my conf.d/dir_access.conf
>
> LDAPTrustedCA /etc/httpd/conf/ssl.crt/server.crt
> LDAPTrustedCAType BASE64_FILE
>
> <Location /mypath>
> AuthLDAPAuthoritative On
> AuthLDAPEnabled On
> AuthType Basic
> AuthName "LDAP Login"
> AuthLDAPURL
> "ldaps://ldap.example.com:636/ou=users,dc=example,dc=com?uid?sub"
> require valid-user
> </Location>
>
> And my /etc/openldap/ldap.conf to disable all certificate validation
> checks
>
> TLS_REQCERT never
>
> My error messages look as follows:
>
> [Tue Dec 05 23:30:11 2006] [notice] Apache/2.0.52 (Red Hat) configured
> -- resuming normal operations
> [Tue Dec 05 23:30:18 2006] [warn] [client xxx.xxx.xxx.xxx] [28729]
> auth_ldap authenticate: user astokes authentication failed; URI
> /mypath/ [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server]
>
> Is this still an issue with TLS? I am able to manually bind over ssl as
> my user using ldapsearch setting both TLS_REQCERT allow/never, but
> apache is failing and I am at a loss why :(
>
> Any suggestions?
On Dec 6, 2:58 am, Davide Bianchi <davideyeahs...@onlyforfun.net> wrote:
> On 2006-12-06, Adam Stokes <adam.sto...@gmail.com> wrote:
>
> > Any suggestions?
>
> Which ldap_auth module are you using? There are many and most of them
> aren't supported by the Apache group, so I'd suggest you to ask the
> maintainer/programmer of that module.
>

Hey Davide,

Thanks for your reply, this was the mod_auth_ldap which is provided in a default install of apache 2.0 on RHEL. However, I did figure out the problem though. Unfortunately, I couldn't get apache to succeed if a checkpeer failed, so I had to actually get the ca cert from the authority in order to do the lookups over SSL.

Thanks again
Adam
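
The fix described in the last post, as an added example that is not part of the original thread: a shell check, using the openssl command line, of whether a candidate LDAPTrustedCA file validates an LDAP server's certificate. The throwaway CA, the ldap.example.com certificate, the temporary paths and the function names are all constructed for the demonstration.

```shell
#!/bin/sh
# Added example: which file belongs in LDAPTrustedCA?
# Every certificate, path and function name here is constructed for the demo.

# Build a throwaway CA and an LDAP server certificate signed by it in dir $1.
make_demo_pki() {
  d=$1
  cat > "$d/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Demo LDAP CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
  openssl req -x509 -newkey rsa:2048 -nodes -days 1 -config "$d/ca.cnf" \
    -keyout "$d/ca.key" -out "$d/ca.crt" 2>/dev/null &&
  openssl req -new -newkey rsa:2048 -nodes -config "$d/ca.cnf" \
    -subj "/CN=ldap.example.com" -keyout "$d/server.key" \
    -out "$d/server.csr" 2>/dev/null &&
  openssl x509 -req -in "$d/server.csr" -CA "$d/ca.crt" -CAkey "$d/ca.key" \
    -CAcreateserial -days 1 -out "$d/server.crt" 2>/dev/null
}

# Succeeds only if trust file $1 validates server certificate $2,
# that is, $1 holds the CA certificate that issued $2.
trust_file_validates() {
  openssl verify -CAfile "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

# Print a one-line verdict for a candidate LDAPTrustedCA file.
check_candidate() {
  if trust_file_validates "$1" "$2"; then
    echo "OK:   $1 validates $2"
  else
    echo "FAIL: $1 does not validate $2"
  fi
}

demo=$(mktemp -d)
make_demo_pki "$demo"
check_candidate "$demo/ca.crt" "$demo/server.crt"      # issuing CA as trust file
check_candidate "$demo/server.crt" "$demo/server.crt"  # server cert as trust file
rm -rf "$demo"
```

Against a real directory, the certificate to test is the one the LDAP server presents on port 636, and the file that passes is the one LDAPTrustedCA should name.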