On Mon, 22 Feb 2010 12:51:30 -0500, Eric Covener wrote: >> In my apache2 config, if I try to use: >> "ldaps://adserver.domain.tld:636/DC=domain,DC=tld?sAMAccountname?sub?(objectClass=*)" >> SSL >> the authentication fails, per my error.log with: >> "authentication failed; URi / [LDAP: ldap_simple_bind_s() failed]Can't >> contact LDAP server]". >> >> Are there additional pieces needed for this to work? > > LDAPTrustedGlobalCert or LDAPVerifyServerCert? Thanks. I'm having a hard time finding an explanation that makes sense to me of how the ldaps layer (tier?) works as opposed to the https layer... Do the attributes for either of those need to point to the same certificate being used at the front end https server's auths? Or does there need to be a new certificate created just for the ldaps communication back to active directory? --------------------------------------------------------------------- The official User-To-User support forum of the Apache HTTP Server Project. See <URL:http://httpd.apache.org/userslist.html> for more info. To unsubscribe, e-mail: users-unsubscribe@xxxxxxxxxxxxxxxx " from the digest: users-digest-unsubscribe@xxxxxxxxxxxxxxxx For additional commands, e-mail: users-help@xxxxxxxxxxxxxxxx