Hi,
I did run some openssl commands and here is what I saw.
# openssl s_client -connect ldap server ip:636
verify error:num=20:unable to get local issuer certificate
verify return:1
verify error:num=21:unable to verify the first certificate
verify return:1
No client certificate CA names sent
Hi All,
Finally, I am able to solve the issue.
I just replaced the IP address used in AuthLDAPUrl with the hostname that
has been used during creating the certificate (CN) and that worked for me.
Thank you very much for all the support.
Regards
Asimananda
On Tue, Sep 22, 2009 at 12:23 PM,
Hi Eric,
I have changed the permission level of the certificate presented to apache
but still I have got no success.
Here are the logs from my apache.
During Startup :
[Mon Sep 21 13:31:22 2009] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Mon Sep 21
Hi,
In continuation to my below mails :
I snooped the packets and found that in case of ldap url, apache is
sending bind request towards my ldap server whereas in case of ldaps url,
no such bind request towards ldap server is seen.
Regards
Asimananda
On Mon, Sep 21, 2009 at 12:52 PM, Asimananda
Asimananda Mohanty wrote:
Hi,
In continuation to my below mails :
I snooped the packets and found that in case of ldap url, apache is
sending bind request towards my ldap server whereas in case of ldaps url,
no such bind request towards ldap server is seen.
Are you sure ?
If ldaps means
* André Warnier a...@ice-sa.com [2009-09-21 13:51]:
If ldaps means secure LDAP (as in SSL), then all packets would
be encrypted, and your protocol analyser may just not be able to
detect them.
Well, at least a TCP connect to (default) port 636 should be in the
trace (not that I'm saying there
I can see client hello, server hello, certificate from server, server hello
done, encrypted handshake messages on my packet sniffer.
Well, I can see some checksum error in the server hello, certificate,
encrypted handshake messages.
For all the above messages, port 636 on my ldap server has been
* Asimananda Mohanty asimananda.moha...@gmail.com [2009-09-21 14:11]:
I can see client hello, server hello, certificate from server, server hello
done, encrypted handshake messages on my packet sniffer.
Well, I can see some checksum error in the server hello, certificate,
encrypted handshake
Should I assume that the certificate presented to apache is not the correct
one?
But the same certificate works fine when I use it on my ldap server where
the ldap client is also installed.
Regards
Asimananda
On Mon, Sep 21, 2009 at 5:54 PM, Peter Schober
peter.scho...@univie.ac.atwrote:
*
* Asimananda Mohanty asimananda.moha...@gmail.com [2009-09-21 14:37]:
Should I assume that the certificate presented to apache is not the correct
one?
But the same certificate works fine when I use it on my ldap server where
the ldap client is also installed.
Get the ldap command line client
Hi Eric,
Thanks for the reply.
In my case, the apache is built with openldap lib. I hope, in this case, it
shouldn't have shown any issues, please correct me if I am wrong.
Regards
Asimananda
On Fri, Sep 18, 2009 at 4:43 PM, Eric Covener cove...@gmail.com wrote:
On Fri, Sep 18, 2009 at 1:55
On Fri, Sep 18, 2009 at 1:55 AM, Asimananda Mohanty
asimananda.moha...@gmail.com wrote:
Hi All,
I am a new member in this group. I am facing an issue regarding openLDAP
access from apache http server and here are the details.
1. I have configured a openLDAP server configured with gnutls as can
Hi All,
I am a new member in this group. I am facing an issue regarding openLDAP
access from apache http server and here are the details.
1. I have configured a openLDAP server configured with gnutls as can be seen
below :
ldd slapd
13 matches
Mail list logo
