Admin server TLS error

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Matthias Saou wrote:
> Jeff Gamsby wrote :
> 
>> I'm not sure it f this will work.
>> Try NSSEngine off in admin-serv/config/console.conf?
> 
> Nope. It's already off. I've looked at all the files in that directory
> and simply can't figure out why it's trying to connect to the FDS using
> TLS nor how to revert that behavior to the previous one.
> 
> Other suggestions are welcome.
> 
> Matthias

Right, console.conf configures the HTTP admin server itself, not the 
communication between the two servers.

You need to edit /opt/fedora-ds/shared/config/dbswitch.conf and set it 
to ldap:// and port 389 (or whatever your non-secure port is). It worked 
in my quickie test anyway.

rob

> 
>> Matthias Saou wrote:
>>> Hi,
>>>
>>> I'm setting up FDS 1.0.2 on RHEL4 x86_64, and everything was going
>>> rather well, until I started trying to use SSL/TLS everywhere.
>>>
>>> Following the instructions in the Wiki I got the certificates created
>>> and installed using the provided script. I can now see the FDS
>>> listening on port 636. But I think I also enabled SSL or TLS for the
>>> admin server... which now refuses to start.
>>>
>>> All I see in the admin-serv/logs/error file is this :
>>>
>>> [Wed Jun 07 13:16:30 2006] [crit] buildUGInfo(): unable to initialize
>>> TLS connection to LDAP host ldap.mydomain port 636: 4
>>> [Wed Jun 07 13:16:30 2006] [crit] mod_admserv_post_config(): unable to
>>> build user/group LDAP server info:
>>> Configuration Failed
>>>
>>> And I really don't know how to fix this... I think I've really tried
>>> everything I could think of already. Setting the LogLevel to debug
>>> doesn't give any more useful output.
>>>
>>> Is there any way I can revert to a plain connection to port 389? I
>>> don't really understand the problem in the first place since I've put
>>> this in adm.conf but it didn't change the error :
>>>
>>> ldapHost: ldap.mydomain
>>> ldapPort: 389
>>>
>>> Matthias
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060607/003a4689/attachment.bin
[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux