TLS issues during screen lock

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Yes I've had that problem before but I fixed it before.

I think its a permission problem of user accesing the certificate. When 
you logged onto the system the auth process is done by root but when you 
lock it with a screen saver its locked by the user. So to unlock it the 
auth process is done by the user.

But if your user has no access to the certificate he can't authenticate 
against the ldap.

You can verify this by (Test this by)

chmod -R 755  /etc/openldap/certs

(Or where everever your certs are on the client system)

Log in as a normal user, lock it with xscreen saver, try unlocking it.

If it works you have a access permission  problems with your certs.



On Wed, 11 Apr 2007, Rich Megginson wrote:

> Brian Zuromski wrote:
>> Rich,
>>       No, I'm not using client based auth with this setup.  I am sharing 
>> out the server certificate to the network client.
> How does this relate to LDAP or the directory server?
>> Date: Tue, 10 Apr 2007 08:35:00 -0700
>> From: Rich Megginson <rmeggins at redhat.com>
>> Subject: Re: TLS issues during screen lock
>> To: "General discussion list for the Fedora Directory server project."
>>     <fedora-directory-users at redhat.com>
>> Message-ID: <461BAEA4.5080708 at redhat.com>
>> Content-Type: text/plain; charset="iso-8859-1"
>> 
>> Brian Zuromski wrote:
>> 
>>> > Hello,
>>> >          I'm having an issue with TLS certificates.  On the client > 
>>> side, it seems that when I have TLS enabled it works fine.  When I > 
>>> screen lock the computer, I have to disable TLS to get back in.  Has > 
>>> anyone else experienced this before?
>>> 
>> Are you using client cert based auth?
>> 
>>> >
>>> > Thanks,
>>> >
>>> 
>> 
>
>
>
> !DSPAM:272,461d0aeb65221969219952!
>

-- 
Ashley Chew - Systems Administrator
School of Computer Science and Software Engineering
University of Western Australia
Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089
Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley

"There is no such thing as Fate, Fate is what you make of it!"




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux