Emmanuel Bailleul wrote:
Hi,
Did you try your LDAPS connection with ldapsearch first ? (sth like ldapsearch -H <ldaps url> -x ...).
Sorry I didn't mentioned: yes, I have tested, and with ldapsearch it
works fine (using the name address and not the IP address)
An important thing : when calling your ldap server, do use the resolved name
rather than the IP. You can even add it in your hosts file if needed.
I use the name address and not the IP address. Do you think that's the
problem? I think it doesn't even try to connect to the ldap server.
Anyhow, I gave it a try, and same error come.
Two other things :
- what king of ldap server are u using ?
it's "OpenLDAP server (slapd) version 2.4.11-1" (Debian Lenny).
- when building, are you sure you did not have several ssl toolkits/versions installed ? Can
you confirm httpd has been built with the correct one (I just remember having made this
mistake once and having to build with an option like
"--with-ssl=<path-to-the-right-openssl-dir") ?
I actually used "--with-ssl=/path/to/openssl-0.9.8g-16052008". But, hey,
now that I look at it, in the error.log I see:
[Mon Nov 02 11:26:54 2009] [info] mod_ssl/2.2.14 compiled against
Server: Apache/2.2.14, Library: OpenSSL/0.9.7e
WTH?! why is using 0.9.7e while I told him to link against 0.9.8g?
Infact
# strings modules/mod_ssl.so | grep '0.9.7' | wc -l
33
Could that be the problem? Any suggestion how to fix that? Other to look?
Thanks a lot,
Sandro
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscr...@httpd.apache.org
" from the digest: users-digest-unsubscr...@httpd.apache.org
For additional commands, e-mail: users-h...@httpd.apache.org
