Hi,
OpenXPKI Developers and Users,
I have successfully deployed OpenXPKI from source on Debian Lenny 5.0, with
Apache 2.2 and Perl 5.10.
Now i am trying to integrate LDAP with it. I have followed the instructions
from this PDF document http://www.openxpki.org/docs/openxpki-ldap.pdf and
created an LDAP Server on OpenSUSE 11.1 machine.
And i populated the config.xml and ldappublic.xml files with appropriate
information as told by the aforementioned PDF Document. Note that the LDAP
Server is not TLS enabled so i also have not enabled TLS in my configuration
files.
I have successfully browsed the LDAP Server with baseDN as "dc=yyyyyyyy" and
login as "cn=Administrator,dc=yyyyyyyy".
But when i try to run OpenXPKI Server by executing openxpkictl on console. I
get the following Exceptions in openxpki.log file and the server does not
start. I have even tried it when both machined as running in parallel and can
access each other directly using IP Address.
openxpki.log
============
2009/09/29 02:43:22 openxpki.system.FATAL [OpenXPKI::Server::Init (156)]
Exception during initialization task 'pki_realm_by_cfg':
I18N_OPENXPKI_XML_CACHE_GET_XPATH_COUNT_NOTHING_FOUND
2009/09/29 02:43:22 openxpki.system.FATAL [OpenXPKI::Server
(/usr/local/lib/perl/5.10.0/OpenXPKI/Server.pm:814)] Exception during server
initialization: I18N_OPENXPKI_XML_CACHE_GET_XPATH_COUNT_NOTHING_FOUND;
__XPATH__ => pki_realm/0/common/0/ldap_options/0/ldap_suffixes/0/ldap_suffix
The settings in my config.xml and ldappublic.xml are as follows:
ldappublic.xml
==============
<ldap_options>
<ldap_enable>yes</ldap_enable>
<ldap_excluded_roles>publish_all_roles</ldap_excluded_roles>
<ldap_suffixes>dc=yyyyyyyy</ldap_suffixes>
<ldap_server>192.168.xxx.xxx</ldap_server>
<ldap_port>389</ldap_port>
<ldap_version>3</ldap_version>
<ldap_tls>
<use_tls>no</use_tls>
<client_cert></client_cert>
<client_key></client_key>
<ca_cert></ca_cert>
</ldap_tls>
<ldap_sasl>
<use_sasl>no</use_sasl>
<sasl_mech></sasl_mech>
</ldap_sasl>
<ldap_login>cn=Manager,dc=yyyyyyyy</ldap_login>
<!-- <ldap_password>{SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</ldap_password> -->
<ldap_password>secret</ldap_password>
config.xml
===========
<ldap>
<server>192.168.xxx.xxx</server>
<port>389</port>
<bind_dn>cn=Manager,dc=yyyyyyyy</bind_dn>
<pass>{SSHA}xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx</pass>
<base_dn>cn=Manager,dc=yyyyyyyy</base_dn>
<search_dn>cn=Manager,dc=yyyyyyyy</search_dn>
</ldap>
<!-- if you do not want to use bind authentication, you can
use SASL as well (Authen::SASL is required for that to work)
as sasl_mechanism, you can for example configure DIGEST-MD5 for
MS ADS. Also note that configuring a hostname (not an IP) is
required
for MS ADS
-->
<!--
<ldap>
<server></server>
<port></port>
<base_dn></base_dn>
<search_dn></search_dn>
<sasl>yes</sasl>
<sasl_mechanism></sasl_mechanism>
<sasl_user></sasl_user>
<sasl_pass></sasl_pass>
</ldap>
-->
Waiting for your help!
Regards,
John Danial
------------------------------------------------------------------------------
Come build with us! The BlackBerry® Developer Conference in SF, CA
is the only developer event you need to attend this year. Jumpstart your
developing skills, take BlackBerry mobile applications to market and stay
ahead of the curve. Join us from November 9-12, 2009. Register now!
http://p.sf.net/sfu/devconf
_______________________________________________
OpenXPKI-users mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/openxpki-users
