Re: apache2.0.55 w/ mod_ldap & tls

Fri, 13 Jan 2006 15:38:09 -0800 

Hi again,

To follow up on my own question, in case others upgrade from 2.0.54 and
run into this problem, 2.0.55 requires these two directives before SSL 
is enabled in mod_ldap:                                                         
                                     

LDAPTrustedCA /etc/ssl/CA/cacert.pem                                            
                                                           
LDAPTrustedCAType BASE64_FILE                                                   
                                                           
                                                                                
                                                           
The debug logs now produce:

[Fri Jan 13 18:34:17 2006] [notice] LDAP: SSL support available     

Cheers,
Brent


On Thu, Jan 12, 2006 at 07:56:14PM -0700, Brent Kearney wrote:
> Hello,
> 
> I'm having some trouble getting apache's ldap module to connect to my 
> openldap server 
> using TLS.  The reason it won't initiate an SSL connection is evident in the 
> logs:
> 
> [Thu Jan 12 20:45:49 2006] [debug] util_ldap.c(1341): LDAP: SSL trusted 
> certificate authority file type - BASE64_FILE
> [Thu Jan 12 20:45:49 2006] [notice] SIGHUP received.  Attempting to restart
> [Thu Jan 12 20:45:50 2006] [debug] util_ldap.c(1341): LDAP: SSL trusted 
> certificate authority file type - BASE64_FILE
> [Thu Jan 12 20:45:51 2006] [notice] Digest: generating secret for digest 
> authentication ...
> [Thu Jan 12 20:45:51 2006] [notice] Digest: done
> [Thu Jan 12 20:45:51 2006] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Thu Jan 12 20:45:51 2006] [notice] LDAP: SSL support unavailable
> [Thu Jan 12 20:45:51 2006] [notice] Apache/2.0.55 (FreeBSD) mod_ssl/2.0.55 
> OpenSSL/0.9.7e DAV/2 PHP/5.1.1 configured -- resuming normal operations
> 
> 
> I found this bug report, which details what looks like the same problem:
> 
> http://www.freebsd.org/cgi/query-pr.cgi?pr=ports/86416
> 
> However, it also mentions that the bug was supposed to be fixed in Apache 
> 2.0.55, 
> which I'm running.  As in that bug report, I am also using FreeBSD 5.4.  I 
> added
> "LDAPTrustedCAType BASE64_FILE" to my httpd.conf file as suggested, but it 
> makes
> no difference.
> 
> Ironically, it was working before I upgraded from apache 2.0.54.
> 
> Any suggestions are welcome.
> 
> Thanks,
> 
> Brent
> 
> 
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "[EMAIL PROTECTED]"

Reply via email to