It' always a judgement call what to post and what to leave out. I
can't post the full settings, strictly speaking.
'server'=> 'ldaps://server',
seems to have fixed it. Thanks all.
On Wed, Mar 5, 2014 at 10:22 AM, Gerald Vogt wrote:
> It's always much easier to h
On Wed, Mar 05, 2014 at 10:08:53AM -0600, Dewhirst, Rob wrote:
> thanks, I should have clarified that LDAP over TLS on 389 is not an
> option for us. We can only do LDAPS over 636.
If you want to do LDAPS to the LDAPS port and not STARTTLS on the
standard port, you probably want
server => 'ldaps:
It's always much easier to help if you post the full settings instead of
some parts.
Did you use ldaps in the server definition or did you add ldaps or the
different port number in net_ldap_args?
-Gerald
On 05.03.2014 17:08, Dewhirst, Rob wrote:
> thanks, I should have clarified that LDAP over T
thanks, I should have clarified that LDAP over TLS on 389 is not an
option for us. We can only do LDAPS over 636.
On Tue, Mar 4, 2014 at 11:32 AM, k...@rice.edu wrote:
> TLS would still be over port 389 if it was being used.
>
> Regards,
> Ken
>
> On Tue, Mar 04, 2014 at 11:29:48AM -0600, Dewhir
Is the CA certificate which signed your LDAP servers certs on your RT
host? It would need to be installed in /etc/ssl/certs or
/etc/pki/trust/anchors and hashed to be trusted.
--
Later,
Darin
On Tue, Mar 4, 2014 at 12:29 PM, Dewhirst, Rob wrote:
> I am successfully authenticating via LDAP (clear
TLS would still be over port 389 if it was being used.
Regards,
Ken
On Tue, Mar 04, 2014 at 11:29:48AM -0600, Dewhirst, Rob wrote:
> I am successfully authenticating via LDAP (cleartext) over TCP 389
> using RT::Authen::ExternalAuth
>
> However, once I change:
>
> Set($ExternalServiceUsesSSLorT
I am successfully authenticating via LDAP (cleartext) over TCP 389
using RT::Authen::ExternalAuth
However, once I change:
Set($ExternalServiceUsesSSLorTLS,1);
and in the ExternalSettings for My_LDAP:
'tls' => 1,
'ssl_version' => 3,
It s
