What do logs show ? Also, do you know if you are establishing a connection ?
And, also, any permissions issue with the server reading the certificate ? Sturgis, Grant wrote: > No luck on this thread. Let me ask a different question: > > Is anyone using ldaps authentication - or ldap for that matter? > > Anyone using ldaps to AD? > > Thanks, > > Grant > --------------- > > >> -----Original Message----- >> From: Sturgis, Grant >> Sent: Wednesday, January 18, 2006 2:12 PM >> To: users@httpd.apache.org >> Subject: [EMAIL PROTECTED] ldaps authentication >> >> Greetings List, >> >> I have seen this question posted several times, but have not seen a >> resolution. If it is in the archives, I apologize for not seeing it >> there. >> >> I have ldap authentication working using mod_auth_ldap, but I want to >> enable ldaps to avoid transmitting passwords in clear text. >> This is the >> configuration so far: >> >> <Directory "/home/httpd/ldap_test"> >> AuthType basic >> AuthName "ldap test" >> AuthLDAPUrl >> ldap://dc1.domain.com/dc=domain,dc=com?sAMAccountName?sub?(obj >> ectClass=u >> ser) >> AuthLDAPBindDN cn=nobody,ou=Users-IT,dc=domain,dc=com >> AuthLDAPBindPassword password >> AuthLDAPGroupAttribute member >> require group cn=ldap_test_group,ou=Users-IT,dc=domain,dc=com >> </Directory> >> >> however, to enable ldaps, I add these lines (outside the >> <Directory>, of >> course): >> >> LDAPTrustedCA /etc/httpd/conf/cacerts/dc1.cer >> LDAPTrustedCAType BASE64_FILE >> >> and then change ldap to ldaps in the AuthLDAPUrl line >> >> and it stops working. >> >> I have used this cert successfully in pam_ldap and ldapsearch. >> >> Any suggestions for what I could be doing wrong? >> >> The details: >> >> RHEL ES 4 >> httpd-2.0.52-22.ent >> >> Thanks for any suggestions, >> >> Grant >> ----------------- >> >> >> >> >> Pardon this rubbish: >> >> >> This electronic message transmission is a PRIVATE >> communication which contains >> information which may be confidential or privileged. The >> information is intended >> to be for the use of the individual or entity named above. If >> you are not the >> intended recipient, please be aware that any disclosure, >> copying, distribution >> or use of the contents of this information is prohibited. >> Please notify the >> sender of the delivery error by replying to this message, or >> notify us by >> telephone (877-633-2436, ext. 0), and then delete it from your system. >> >> >> --------------------------------------------------------------------- >> The official User-To-User support forum of the Apache HTTP >> Server Project. >> See <URL:http://httpd.apache.org/userslist.html> for more info. >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> " from the digest: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > > This electronic message transmission is a PRIVATE communication which contains > information which may be confidential or privileged. The information is > intended > to be for the use of the individual or entity named above. If you are not the > intended recipient, please be aware that any disclosure, copying, > distribution > or use of the contents of this information is prohibited. Please notify the > sender of the delivery error by replying to this message, or notify us by > telephone (877-633-2436, ext. 0), and then delete it from your system. > > > --------------------------------------------------------------------- > The official User-To-User support forum of the Apache HTTP Server Project. > See <URL:http://httpd.apache.org/userslist.html> for more info. > To unsubscribe, e-mail: [EMAIL PROTECTED] > " from the digest: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- °(((=((===°°°(((===========================================
begin:vcard fn:Ricardo Stella n:Stella;Ricardo org:Rider University adr;dom:;;2083 Lawrenceville Rd;Lawrenceville;NJ;08648 version:2.1 end:vcard
--------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: [EMAIL PROTECTED] " from the digest: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
