Hello Raul, The TLS checkbox must be checked. Give this a try:
Server: ldap.mydomain.es Port: 636 TLS: on 2011/5/11 Raúl Jareño Morago <[email protected]> > Hello Alvaro, > > > > We are interested using only SSL (so we don’t need checking TLS nor a > certificate). I think the problem is that there is no way to say to cherokee > that the protocol is LDAPS (correct me if I am wrong). > > > > I tried to configured ldap connection in these ways: > > > > 1.- Server: ldap.mydomain.es > > Port: In blank (389) > > It’s work fine, of course > > > > 2.- Server: ldap.mydomain.es > > Port: 636 > > I get the error "Could not bind (ldap.mydomain.es:636)”. Cherokee > doesn’t know that it’s ldaps > > > > 3.- Server: ldaps://ldap.mydomain.es (checking putting protocol in URL) > > Port: 636 > > I get the error "Could not connect to LDAP: > ldaps://ldap.mydomain.es:636”. Cherokee doesn’t understand that URL has > the protocol too?? > > > > 4. Server: ldap://ldap.mydomain.es (as I’m sure that works unsecure LDAP, > I try in this way to be sure that cherokee doesn’t interpret the URL > correctly) > > Port: In blank or 389 > > I get the error “Could not connect to LDAP: ldap://ldap.mydomain.es:389 > ” > > > > These tests make me think that there is no way of saying to cherokee that > protocol is LDAPS. > > > > Thanks!! > > > > > > > > > > *De:* Alvaro Lopez Ortega [mailto:[email protected]] > *Enviado el:* martes, 10 de mayo de 2011 17:03 > > *Para:* Raúl Jareño Morago > *CC:* cherokee List > *Asunto:* Re: [Cherokee] Validating using ldap secure > > > > Hello Raúl, > > 2011/5/10 Raúl Jareño Morago <[email protected]> > > Is it obligatory to use TLS in Cherokee for LDAPS? > > > As far as I'm aware of, LDAPS is no more than LDAP over a SSL/TLS > connection, where the service is accessible through a different TCP port > (636). > > > > Actually, a more modern approach is to use the standard LDAP port to sent a > StartTLS command to upgrade a plain TCP connection to a TLS connection. It's > important to notice that LDAP v2 did _not_ support this connection upgrade > scheme. > > > > Currently Cherokee supports LDAP and LDAPS. I must say, I'm not sure about > the LDAP+StartTLS method though. > > > -- > Greetings, alo > http://www.octality.com/ > -- Greetings, alo http://www.octality.com/
_______________________________________________ Cherokee mailing list [email protected] http://lists.octality.com/listinfo/cherokee
