> Thank you so much for your answer. But can you guide me where and how to
add the self-signed certificate in the keystore file?
> I've tried using ldap with port 389. CAS is loaded, but when I'm trying to
log in with my username and password it returns an error. LDAP: error code 8 -
BindSimple: Transport encryption required
On Friday, July 12, 2019 at 2:39:25 PM UTC+7, casuser wrote:
>
> You need to add the self-signed certificate in the keystore file of CAS, also
> check whether port 636 is open or not. Actually you don't need ldaps for cas
> authentication. Below is my ldap config which works for me. Check whether
> your ports are open or not.
>
> cas.authn.ldap[0].principalAttributeList=sAMAccountName,cn,givenName,memberOf,userPrincipalName,department,title,distinguishedName
> cas.authn.ldap[0].collectDnAttribute=false
> #cas.authn.ldap[0].principalDnAttributeName=sAMAccountName
> # cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true
> # cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true
> #cas.authn.ldap[0].credentialCriteria=
> cas.authn.ldap[0].ldapUrl=ldap://myldap:389
> cas.authn.ldap[0].bindDn=CN=myldapadmin,OU=admin,DC=example,DC=edu
> cas.authn.ldap[0].bindCredential=mypass
> cas.authn.ldap[0].minPoolSize=3
> cas.authn.ldap[0].maxPoolSize=10
> cas.authn.ldap[0].validateOnCheckout=true
> cas.authn.ldap[0].validatePeriodically=true
> cas.authn.ldap[0].validatePeriod=600
> #cas.authn.ldap[0].validateTimeout=PT5S
> cas.authn.ldap[0].failFast=true
> # cas.authn.ldap[0].idleTime=PT10M
> # cas.authn.ldap[0].prunePeriod=PT2H
> # cas.authn.ldap[0].blockWaitTime=PT3S
> cas.authn.ldap[0].useSsl=false
> cas.authn.ldap[0].useStartTls=false
> #cas.authn.ldap[0].responseTimeout=PT5S
> cas.authn.ldap[0].allowMultipleDns=false
> #cas.authn.ldap[0].name=
> cas.authn.ldap[0].type=AUTHENTICATED
> cas.authn.ldap[0].baseDn=DC=example,DC=edu
> cas.authn.ldap[0].subtreeSearch=true
> cas.authn.ldap[0].searchFilter=sAMAccountName={user}
> cas.authn.ldap[0].enhanceWithEntryResolver=true
> #cas.authn.ldap[0].derefAliases=NEVER|SEARCHING|FINDING|ALWAYS
> cas.authn.ldap[0].dnFormat=uid=%s,DC=example,DC=edu
> #cas.authn.ldap[0].principalAttributePassword=
> cas.authn.ldap[0].followReferrals=false
> cas.authn.ldap[0].hostnameVerifier=ANY
>
> On Fri, Jul 12, 2019 at 2:54 PM Alex Samosir wrote:
>
>> Yes. Because it's on my local PC.
>>
>> On Friday, July 12, 2019 at 8:03:24 AM UTC+7, casuser wrote:
>>>
>>> Are you using a self signed certificate?
>>>
>>>
>>> On Fri, Jul 12, 2019 at 12:12 AM Alex Samosir
>>> wrote:
>>>
>>>> I'm trying to connect CAS with my LDAP Server. And I'm following The New
>>>> School Tutorial by the way.
>>>> But it's no luck.
>>>> I'm facing this error
>>>>
>>>> [image: ldaps.png]
>>>>
>>>>
>>>>
>>>> I've already tried that configuration with my LDAP Browser
>>>> and it succeeded and connected
>>>>
>>>>
>>>> [image: ldap browser.png]
>>>>
>>>> [image: LDAP BROWSER SUCCESS.png]
>>>> Here is my cas.properties:
>>>>
>>>> cas.authn.ldap[0].order:0
>>>> cas.authn.ldap[0].name: LDAP
>>>> cas.authn.ldap[0].type: AUTHENTICATED
>>>> cas.authn.ldap[0].ldapUrl: ldaps://10.2.2.64
>>>> cas.authn.ldap[0].validatePeriod: 270
>>>> #cas.authn.ldap[0].poolPassivator: BIND
>>>> cas.authn.ldap[0].searchFilter: cn={user}
>>>> cas.authn.ldap[0].baseDn: cn=Users,DC=app,DC=lkpp,DC=go,DC=id
>>>> #cas.authn.ldap[0].dnFormat: cn=%s,CN=Users,DC=app,DC=lkpp,DC=go,DC=id
>>>>
>>>> cas.authn.ldap[0].bindDn:cn=Administrator,cn=Users,dc=app,dc=lkpp,dc=go,dc=id
>>>> cas.authn.ldap[0].bindCredential:
>>>>
>>>> any suggestion what I did wrong?
>>>>
>>>> --
>>>> - Website: https://apereo.github.io/cas
>>>> - Gitter Chatroom: https://gitter.im/apereo/cas
>>>> - List Guidelines: https://goo.gl/1VRrw7
>>>> - Contributions: https://goo.gl/mh7qDG
>>>> ---
>>>> You received this message because you are subscribed to the Google
>>>> Groups "CAS Community" group.
>>>> To unsubscribe from this group and stop receiving emails from it, send
>>>> an email to cas-...@apereo.org.
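For the keystore question at the top of the thread, one way to add a self-signed LDAPS certificate to a Java truststore from the shell. This is an added example, not part of the original messages; the function names, host, paths, alias and the `TRUSTSTORE_PASS` variable are assumptions.

```shell
#!/bin/sh
# Added example: trust a self-signed LDAPS certificate in the JVM that runs CAS.
# Function names, host, paths and alias are hypothetical, not from the thread.

# Print the SHA-256 fingerprint (AA:BB:...) of the PEM certificate in file $1.
cert_sha256() {
    openssl x509 -in "$1" -noout -fingerprint -sha256 | cut -d= -f2
}

# Save the certificate presented by the server at host:port ($1) to PEM file $2.
fetch_ldaps_cert() {
    openssl s_client -connect "$1" </dev/null 2>/dev/null |
        openssl x509 -outform PEM >"$2"
}

# Import PEM certificate $1 into truststore $2 under alias $3, but only when its
# fingerprint equals $4, a value read on the LDAP server itself. A certificate
# fetched over the network proves nothing until it is compared out of band.
# $2 is typically the cacerts file of the JVM that runs CAS (default password
# "changeit"); the password is taken from TRUSTSTORE_PASS when that is set.
import_pinned_cert() {
    actual=$(cert_sha256 "$1") || return 2
    if [ "$actual" != "$4" ]; then
        echo "fingerprint mismatch: got $actual" >&2
        return 1
    fi
    keytool -importcert -noprompt -trustcacerts -alias "$3" -file "$1" \
        -keystore "$2" -storepass "${TRUSTSTORE_PASS:-changeit}"
}

# Typical use (left commented out so the file can be sourced safely):
#   fetch_ldaps_cert ldap.example.test:636 /tmp/ldap.pem
#   cert_sha256 /tmp/ldap.pem     # compare with the fingerprint seen on the server
#   import_pinned_cert /tmp/ldap.pem "$JAVA_HOME/lib/security/cacerts" \
#       ldap-server "$EXPECTED_FP"
# Restart CAS afterwards and keep ldapUrl on ldaps:// (port 636).
```

With `hostnameVerifier=DEFAULT`, the host name or IP in `ldapUrl` has to match a name in the certificate.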