Hello Alvaro,
We are interested in using only SSL (so we don't need checking TLS nor a
certificate). I think the problem is that there is no way to tell Cherokee
that the protocol is LDAPS (correct me if I am wrong).
I tried to configure the LDAP connection in these ways:
1.- Server: ldap.mydomain.es
Port: Left blank (389)
It works fine, of course.
2.- Server: ldap.mydomain.es
Port: 636
I get the error "Could not bind (ldap.mydomain.es:636)". Cherokee
doesn't know that it's LDAPS.
3.- Server: ldaps://ldap.mydomain.es (checking putting the protocol in the URL)
Port: 636
I get the error "Could not connect to LDAP:
ldaps://ldap.mydomain.es:636". Cherokee doesn't understand that the URL has the
protocol too??
4.- Server: ldap://ldap.mydomain.es (as I'm sure that unsecured LDAP works, I
try it this way to be sure that Cherokee doesn't interpret the URL
correctly)
Port: Left blank or 389
I get the error "Could not connect to LDAP: ldap://ldap.mydomain.es:389".
These tests make me think that there is no way of telling Cherokee that the
protocol is LDAPS.
Thanks!!
From: Alvaro Lopez Ortega
Sent: Tuesday, May 10, 2011 17:03
To: Raúl Jareño Morago
CC: cherokee List
Subject: Re: [Cherokee] Validating using ldap secure
Hello Raúl,
2011/5/10 Raúl Jareño Morago
Is it obligatory to use TLS in Cherokee for LDAPS?
As far as I'm aware, LDAPS is no more than LDAP over an SSL/TLS
connection, where the service is accessible through a different TCP port
(636).
Actually, a more modern approach is to use the standard LDAP port to send a
StartTLS command to upgrade a plain TCP connection to a TLS connection. It's
important to notice that LDAP v2 did _not_ support this connection upgrade
scheme.
Currently Cherokee supports LDAP and LDAPS. I must say, I'm not sure about
the LDAP+StartTLS method though.
--
Greetings, alo
http://www.octality.com/
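
The difference between LDAPS and LDAP+StartTLS described in the reply above, as an added example that is not part of the original thread and is not Cherokee's code. The function names and the `mode` parameter are hypothetical; the encoding follows the LDAPv3 StartTLS extended operation (RFC 4511).

```python
import socket
import ssl

STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # LDAPv3 StartTLS extended operation

def starttls_request(msg_id=1):
    """BER-encode an LDAPMessage carrying a StartTLS ExtendedRequest."""
    name = b"\x80" + bytes([len(STARTTLS_OID)]) + STARTTLS_OID  # [0] requestName
    op = b"\x77" + bytes([len(name)]) + name                   # [APPLICATION 23]
    body = b"\x02\x01" + bytes([msg_id]) + op                  # messageID INTEGER
    return b"\x30" + bytes([len(body)]) + body                 # SEQUENCE

def starttls_result(reply):
    """Return the resultCode of an ExtendedResponse (0 = success).

    Handles only short-form BER lengths and a one-byte messageID,
    which is what a reply to the request above uses."""
    if len(reply) < 10 or reply[0] != 0x30 or reply[2:4] != b"\x02\x01":
        raise ValueError("not an LDAPMessage")
    if reply[5] != 0x78 or reply[7:9] != b"\x0a\x01":  # [APPLICATION 24], ENUMERATED
        raise ValueError("not an ExtendedResponse")
    return reply[9]

def connect(host, mode, timeout=5):
    """Open a socket in one of the three modes discussed in the thread."""
    if mode not in ("ldap", "ldaps", "starttls"):
        raise ValueError("mode must be ldap, ldaps or starttls")
    port = 636 if mode == "ldaps" else 389
    sock = socket.create_connection((host, port), timeout=timeout)
    if mode == "ldap":
        return sock                          # cleartext LDAP on 389
    ctx = ssl.create_default_context()       # verifies certificate and hostname
    if mode == "starttls":
        sock.sendall(starttls_request())     # still cleartext at this point
        code = starttls_result(sock.recv(4096))
        if code != 0:
            sock.close()
            raise ConnectionError(f"server refused StartTLS, resultCode {code}")
    # ldaps: the TLS handshake is the first thing on the wire (port 636).
    # starttls: the handshake follows the successful ExtendedResponse (port 389).
    return ctx.wrap_socket(sock, server_hostname=host)
```

A client that speaks plain LDAP to port 636 fails at the first operation, because the server expects a TLS handshake there before any LDAP message.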