> Thank you so much for your answer. But can you guide me where and how to add selfsign certificate in the keystore file?
>Ive tried use ldap with port 389. CAS is loaded, but when im trying to login with my username and password its return error. LDAP: error code 8 - BindSimple: Transport encryption required On Friday, July 12, 2019 at 2:39:25 PM UTC+7, casuser wrote: > > You need to add the self sign certificate in thekeystore file of CAS, also > check of the port 636 is open or not. Actually you don't need ldaps for cas > authentication. Bellow is my ldap config which works for me. Check whether > your ports are open or not. > > cas.authn.ldap[0].principalAttributeList > =sAMAccountName,cn,givenName,memberOf,userPrincipalName,department,title,distinguishedName > cas.authn.ldap[0].collectDnAttribute=false > #cas.authn.ldap[0].principalDnAttributeName=sAMAccountName > # cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true > # cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true > #cas.authn.ldap[0].credentialCriteria= > cas.authn.ldap[0].ldapUrl=ldap://myldap:389 > cas.authn.ldap[0].bindDn=CN=myldapadmin,OU=admin,DC=example,DC=edu > cas.authn.ldap[0].bindCredential=mypass > cas.authn.ldap[0].minPoolSize=3 > cas.authn.ldap[0].maxPoolSize=10 > cas.authn.ldap[0].validateOnCheckout=true > cas.authn.ldap[0].validatePeriodically=true > cas.authn.ldap[0].validatePeriod=600 > #cas.authn.ldap[0].validateTimeout=PT5S > cas.authn.ldap[0].failFast=true > # cas.authn.ldap[0].idleTime=PT10M > # cas.authn.ldap[0].prunePeriod=PT2H > # cas.authn.ldap[0].blockWaitTime=PT3S > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=false > #cas.authn.ldap[0].responseTimeout=PT5S > cas.authn.ldap[0].allowMultipleDns=false > #cas.authn.ldap[0].name= > cas.authn.ldap[0].type=AUTHENTICATED > cas.authn.ldap[0].baseDn=DC=example,DC=edu > cas.authn.ldap[0].subtreeSearch=true > cas.authn.ldap[0].searchFilter=sAMAccountName={user} > cas.authn.ldap[0].enhanceWithEntryResolver=true > #cas.authn.ldap[0].derefAliases=NEVER|SEARCHING|FINDING|ALWAYS > cas.authn.ldap[0].dnFormat=uid=%s,DC=example,DC=edu > #cas.authn.ldap[0].principalAttributePassword= > cas.authn.ldap[0].followReferrals=false > cas.authn.ldap[0].hostnameVerifier=ANY > > On Fri, Jul 12, 2019 at 2:54 PM Alex Samosir <alexputr...@gmail.com > <javascript:>> wrote: > >> Yes. Because Its in my local PC. >> >> On Friday, July 12, 2019 at 8:03:24 AM UTC+7, casuser wrote: >>> >>> Are you using a self signed certificate? >>> >>> >>> On Fri, Jul 12, 2019 at 12:12 AM Alex Samosir <alexputr...@gmail.com> >>> wrote: >>> >>>> Im trying to connect CAS with my LDAP Server. And im following The New >>>> School Tutorial by the way. >>>> But its no luck >>>> Im facing this error >>>> >>>> [image: ldaps.png] >>>> >>>> >>>> >>>> Ive already tried that configuration with my LDAP Browser >>>> And its success and connected >>>> >>>> >>>> [image: ldap browser.png] >>>> >>>> [image: LDAP BROWSER SUCCESS.png] >>>> here is my cas.properties >>>> >>>> cas.authn.ldap[0].order: 0 >>>> cas.authn.ldap[0].name: LDAP >>>> cas.authn.ldap[0].type: AUTHENTICATED >>>> cas.authn.ldap[0].ldapUrl: ldaps://10.2.2.64 >>>> cas.authn.ldap[0].validatePeriod: 270 >>>> #cas.authn.ldap[0].poolPassivator: BIND >>>> cas.authn.ldap[0].searchFilter: cn={user} >>>> cas.authn.ldap[0].baseDn: >>>> cn=Users,DC=app,DC=lkpp,DC=go,DC=id >>>> #cas.authn.ldap[0].dnFormat: >>>> cn=%s,CN=Users,DC=app,DC=lkpp,DC=go,DC=id >>>> >>>> cas.authn.ldap[0].bindDn:cn=Administrator,cn=Users,dc=app,dc=lkpp,dc=go,dc=id >>>> cas.authn.ldap[0].bindCredential:**************** >>>> >>>> any suggestion what I did wrong? >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to cas-...@apereo.org. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> >>> >>> -- >>> -Fazla. >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to cas-...@apereo.org <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > > > -- > -Fazla. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to cas-user+unsubscr...@apereo.org. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/131b6d45-86eb-478a-a338-cc2709ccffee%40apereo.org.