Haha, Got it! https://bugzilla.redhat.com/show_bug.cgi?id=664671 Thanks for your pointers, I thought code 4 was a size error. Thank you, waiting for this issue resolution now :) (its not blocking for me and I’m far from being a security/system expert, just an humble Java developper). Best regards, Charlie Le 07/01/2015 21:27, « Rob Crittenden » <rcritten@xxxxxxxxxx> a écrit : >Charlie Mordant wrote: >> However, Apache configuration test tells that syntax is ok > >It's not an Apache configuration problem. It has to do with LDAP AFAICT. > >I'd check your 389-ds access and error logs to see if there is a bind. >The error 4 is rather generic and used in a number of places. If I'm >reading the code right it can mean one of: > >1. Invalid credentials >2. Invalid DN syntax >3. something else, a catch-all. > >But you should probably see a connect and hopefully a bind request and >the LDAP error from that should tell you more about what is going on. > >rob > >> >> 2015-01-05 19:15 GMT+01:00 Charlie Mordant <cmordant1@xxxxxxxxx >> <mailto:cmordant1@xxxxxxxxx>>: >> >> Hi contact experts! >> >> I’m trying to make a future OSS contribution making an OPSCode Chef >> recipe to install a secure LDAP. >> >> I (barely) migrate and use >> the https://github.com/richm/scripts/blob/master/setupssl2.sh#L238 >>shell >> to secure a provisionned LDAP, but while executed, restarting >> dirsrv-admin led me to an error: >> [code] >> [Sat Jan 03 18:19:36.940462 2015] [:info] [pid 8266:tid >> 140486247127104] Server: Apache/2.4.6, Interface: mod_nss/2.4.6, >> Library: NSS/3.15.2 Basic ECC >> [Sat Jan 03 18:19:36.940490 2015] [:debug] [pid 8266:tid >> 140486247127104] mod_admserv/mod_admserv.c(2467): Entering >> mod_admserv_post_config - pid is [8266] init count is [0] >> [Sat Jan 03 18:19:36.940495 2015] [:debug] [pid 8266:tid >> 140486247127104] mod_admserv/mod_admserv.c(2295): Entering >> do_admserv_post_config - pid is [8266] >> [Sat Jan 03 18:19:36.940498 2015] [:debug] [pid 8266:tid >> 140486247127104] mod_admserv/mod_admserv.c(2303): Entering >> do_admserv_post_config - init count is [1] >> [Sat Jan 03 18:19:36.940506 2015] [:debug] [pid 8266:tid >> 140486247127104] mod_admserv/mod_admserv.c(2327): [8266] Cache >> expiration set to 600 seconds >> [Sat Jan 03 18:19:36.943993 2015] [:debug] [pid 8266:tid >> 140486247127104] mod_admserv/mod_admserv.c(2431): Added >> StartConfigDs task entry >> >>[cn=startconfigds,cn=operation,cn=tasks,cn=admin-serv-contacts,cn=389 >>administration >> server,cn=server group,cn=contacts.osgiliath.is-a-chef.net >> <http://contacts.osgiliath.is-a-chef.net>,ou=osgiliath.is-a-chef.net >> <http://osgiliath.is-a-chef.net>,o=netscaperoot:start_config_ds:] >> for user [LocalSuper] >> [Sat Jan 03 18:19:36.945579 2015] [:info] [pid 8266:tid >> 140486247127104] host_ip_init(): problem creating secure AdmldapInfo >> (error code = 4) >> [Sat Jan 03 18:19:36.945670 2015] [:crit] [pid 8266:tid >> 140486247127104] host_ip_init(): PSET failure: Failed to create PSET >> handle (pset error = ) >> AH00016: Configuration Failed >> [Sat Jan 03 18:19:36.956655 2015] [:info] [pid 8266:tid >> 140486247127104] Shutting down SSL Session ID Cache >> [/code] >> >> Using certutil to list certificates looks good, restarting the >> (main) ldap is OK. >> >> Have you got any clue to debug/find the source of the error? >> >> Best regards, >> >> Charlie >> -- >> >> Charlie Mordant >> Full OsgiEE like >> stack: https://github.com/OsgiliathEnterprise/net.osgiliath.parent >> >> >> >> >> -- >> Charlie Mordant >> >> Full OSGI/EE stack made with Karaf: >> https://github.com/OsgiliathEnterprise/net.osgiliath.parent >> >> >> -- >> 389 users mailing list >> 389-users@xxxxxxxxxxxxxxxxxxxxxxx >> https://admin.fedoraproject.org/mailman/listinfo/389-users >> > >-- >389 users mailing list >389-users@xxxxxxxxxxxxxxxxxxxxxxx >https://admin.fedoraproject.org/mailman/listinfo/389-users -- 389 users mailing list 389-users@xxxxxxxxxxxxxxxxxxxxxxx https://admin.fedoraproject.org/mailman/listinfo/389-users
