Hi guys.I'm trying to enable SSL for LDAP authentication on a Debian Etch, Apache version 2.2.3
The authentication/authorization without SSL directives is working properly, but as soon as I try to enable the secure layer, I get this error:
[debug] mod_authnz_ldap.c(373): [18646] auth_ldap authenticate: using URL ldaps://ldap.mydomain.com/ou=People,dc=mydomain,dc=com?uid [warn] [30270] auth_ldap authenticate: user testuser authentication failed; URI /account-management/secure/ [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server]
I'm pretty sure it's not a firewall issue because I can telnet to port 636 on LDAP server(s).
These are the directives I've set up:
<IfModule util_ldap.c>
LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/cacert.pem
LDAPTrustedMode SSL
LDAPVerifyServerCert off
</IfModule>
<Directory /var/www/it/account-management/secure>
AuthType Basic
AuthName "LDAP authentication for IT"
AuthBasicProvider ldap
AuthzLDAPAuthoritative off
AuthLDAPURL "ldaps://ldap.mydomain.com/ou=People,dc=it,dc=net,dc=au?uid"
require valid-user
</Directory>
Any suggestion? Thanks!
--
Alexander Fortin
IT Consultant
Informed Technology
E-mail: alieno@xxxxxxxxx
Ph: 08 9460 4888 Fax: 08 9460 4877
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx
" from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx
For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx
|