Hi Louis,
I made lately a change in how the SSL certifcate verification is done. Did
you use the latest version from trunk ? Also set the variable TLS_CACERTFILE
in your startup script (e.g. export TLS_CACERTFILE=/etc/mydir/cas.pem ). I do
not read any ldap.conf file for this yet.
Markus
"L.P.H. van Belle" <be...@bazuin.nl> wrote in message
news:vmime.57beabe1.6a01.3a47ad2737b8d...@ms249-lin-003.rotterdam.bazuin.nl...
Hai,
I’ve added the needed upn, setup the _ldaps in the dns zones, thats ok now.
The last part, here i need some help.
support_ldap.cc(942): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Setting up connection to ldap server samba-dc1.internal.domain.tld:636
support_ldap.cc(786): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Set SSL defaults
support_ldap.cc(531): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Enable server certificate check for ldap server.
support_ldap.cc(544): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Set certificate file for ldap server to
/etc/ssl/certs/cert.pem.(Changeable through setting environment variable
TLS_CACERTFILE)
support_ldap.cc(800): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: Error while setting start_tls for ldap server: Can't contact LDAP server
support_ldap.cc(953): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Bind to ldap server with SASL/GSSAPI
support_sasl.cc(276): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: ldap_sasl_interactive_bind_s error: Can't contact LDAP server
support_ldap.cc(957): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: Error while binding to ldap server with SASL/GSSAPI: Can't contact LDAP
server
support_ldap.cc(942): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Setting up connection to ldap server samba-dc2.internal.domain.tld:636
support_ldap.cc(786): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Set SSL defaults
support_ldap.cc(531): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Enable server certificate check for ldap server.
support_ldap.cc(544): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Set certificate file for ldap server to
/etc/ssl/certs/cert.pem.(Changeable through setting environment variable
TLS_CACERTFILE)
support_ldap.cc(800): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: Error while setting start_tls for ldap server: Can't contact LDAP server
support_ldap.cc(953): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
DEBUG: Bind to ldap server with SASL/GSSAPI
support_sasl.cc(276): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: ldap_sasl_interactive_bind_s error: Can't contact LDAP server
support_ldap.cc(957): pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group:
ERROR: Error while binding to ldap server with SASL/GSSAPI: Can't contact LDAP
server
I tried to set
TLS_CACERTFILE in ldap.conf, didnt work, so dont know how to fix this or there
to put these variables.
I need a user to connect to the ldap. Hi have that one in place.
I just can find how to put this in this line so i can test this out, but i can
only authenticate if the TLS_CACERTFILE is set correctly.
Any suggestions here?
Greetz,
Louis
--------------------------------------------------------------------------------
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
_______________________________________________
squid-users mailing list
squid-users@lists.squid-cache.org
http://lists.squid-cache.org/listinfo/squid-users
