Solved

LDAPS Config

Posted on 2008-06-09
3
856 Views
Last Modified: 2013-12-02
We have successfully configured and tested our SLES 10 server to authenticate LDAP.  Our problem lies in the Apache code on one our authenticating servers. We have the following in our httpd :


<Directory /var/www/html/Authent>
 AuthType Basic
 AuthName "Company Internal Server"
 AuthBasicProvider ldap
 AuthzLDAPAuthoritative On
 AuthLDAPURL ldaps://mail.company.com:636/ou=users,o=company?uid SSL
 AuthLDAPBindDN "cn=ldapproxy,o=company"
 require valid-user
</Directory>
 
The error we are receiving is :

[Mon Jun 09 15:41:54 2008] [warn] [client 66.105.XXX.XXX] [23743] auth_ldap authenticate: user testuser authentication failed; URI /Authent/ca_resume_test.php [LD
AP: ldap_simple_bind_s() failed][Can't contact LDAP server]

We believe the error may be related to a certificate issue but are unaware ofhow to determine this.



0
Comment
Question by:Primarisair
  • 2
3 Comments
 
LVL 57

Expert Comment

by:giltjr
ID: 21750592
Have you tested without using SSL?  I would suggest that you try not using SSL.  Once you have that working then try SSL.
0
 

Author Comment

by:Primarisair
ID: 21753369
We have successfully completed the tests without SSL. What would the next step be in the SSL process. Do we transfer certificate? Does the code look correct?
0
 
LVL 57

Accepted Solution

by:
giltjr earned 125 total points
ID: 21753912
The code for SSL and non-SSL will be the same, except for the ldaps part.

Are you using a cert that is signed by a public CA, your own CA, or a self-signed cert?

If using a self-signed cert, then you need to import the public key of the server onto the client.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Over the last year I have answered a couple of basic URL rewriting questions several times so I thought I might as well have a stab at: explaining the basics, providing a few useful links and consolidating some of the most common queries into a sing…
In Solr 4.0 it is possible to atomically (or partially) update individual fields in a document. This article will show the operations possible for atomic updating as well as setting up your Solr instance to be able to perform the actions. One major …
Along with being a a promotional video for my three-day Annielytics Dashboard Seminor, this Micro Tutorial is an intro to Google Analytics API data.
Internet Business Fax to Email Made Easy - With eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, fr…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

25 Experts available now in Live!

Get 1:1 Help Now