Re: [389-users] SSl connection to 389 DS server

On 11/21/2010 09:41 AM, Laurent Roudier wrote:
> Hi everybody,
> I try to set up a 389 DS server and make it work with a web server. My current
> configuration is:
> fedora 14 (2.6.35.6-48.fc14.i686)
> 389-admin-1.1.11-1.fc14.i686
> 389-ds-console-doc-1.2.3-1.fc14.noarch
> 389-adminutil-1.1.10-2.fc14.i686
> 389-ds-console-1.2.3-1.fc14.noarch
> 389-ds-base-1.2.6.1-2.fc14.i686
> 389-console-1.1.4-1.fc14.noarch
> 389-ds-1.2.1-1.fc14.noarch
> 389-admin-console-1.1.5-1.fc14.noarch
> 389-admin-console-doc-1.1.5-1.fc14.noarch
> 389-dsgw-1.1.5-2.fc14.i686
>
> I set up 389 without any problem.
> I added a certificate and secure connection with the use of the setupssl2.sh script.
> So if I use this PHP script, it works without any problem:
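>        <?php
>            $ldaprdn  = "DN";        // bind DN (placeholder)
>            $ldappass = "password";  // bind password (placeholder)
>            $ldapconn = ldap_connect("ldap://localhost");
>            if ($ldapconn) {
>                // Authenticate with the DN and password above
>                $ldapbind = ldap_bind($ldapconn, $ldaprdn, $ldappass);
>                if ($ldapbind) {
>                    echo "<P>bind LDAP OK</P>";
>                } else {
>                    echo "<P>bind LDAP KO</P>";
>                }
>            }
>            else
>            {
>                echo "<P>fail</P>";
>            }
>        ?>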
>
> If I change "ldap://localhost" to "ldaps://localhost", it fails and the log of
> 389 is:
>
>        [21/Nov/2010:16:53:54 +0100] conn=1 fd=64 slot=64 SSL connection from ::1 to ::1
>        [21/Nov/2010:16:53:54 +0100] conn=1 op=-1 fd=64 closed - Encountered end of file.
Where do you specify the CA certificate and other security options, if any?
Can you turn up php logging?
> If I change "ldap://localhost" to "localhost",636, it hangs, I must restart
> dirsrv and the log of 389 is:
>
>           [21/Nov/2010:15:43:38 +0100] conn=3 fd=65 slot=65 connection from ::1 to ::1
>           [21/Nov/2010:15:43:38 +0100] conn=3 op=0 EXT oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>           [21/Nov/2010:15:43:38 +0100] conn=3 op=0 RESULT err=0 tag=120 nentries=0 etime=0
>           [21/Nov/2010:15:43:38 +0100] conn=3 op=-1 fd=65 closed - Encountered end of file.
>
>
> I tried several things, changing the certificate,
How do you change the certificate?
> the file /etc/openldap/ldap.conf
> but nothing is working.
Does php use /etc/openldap/ldap.conf?
> Please help me
>
> Laurent
>
>
>
> --
> 389 users mailing list
> 389-users@xxxxxxxxxxxxxxxxxxxxxxx
> https://admin.fedoraproject.org/mailman/listinfo/389-users

--
389 users mailing list
389-users@xxxxxxxxxxxxxxxxxxxxxxx
https://admin.fedoraproject.org/mailman/listinfo/389-users
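
The reply's questions (where the CA certificate and other security options are specified, how to turn up PHP logging, whether PHP reads /etc/openldap/ldap.conf) can be answered without guesswork by setting those things in the script itself. The following is an added example, not code from the thread: it assumes PHP 7.1 or later built against OpenLDAP, and the CA file path, DN and password are placeholders.

```php
<?php
// Added example, not from the thread. Assumes PHP >= 7.1 with the ldap
// extension built against OpenLDAP. All values below are placeholders.
$caFile   = '/path/to/ca-cert.pem'; // hypothetical path: PEM copy of the CA that signed the server certificate
$ldaprdn  = 'DN';                   // placeholder bind DN, as in the original script
$ldappass = 'password';             // placeholder bind password

// Library-wide options (null link) must be set before ldap_connect().
ldap_set_option(null, LDAP_OPT_DEBUG_LEVEL, 7);            // libldap trace on stderr (usually the web server error log)
ldap_set_option(null, LDAP_OPT_X_TLS_CACERTFILE, $caFile); // explicit trust anchor, independent of ldap.conf
// Refuse a server certificate that cannot be verified; with this setting the
// name in the certificate must also match the host in the URI.
ldap_set_option(null, LDAP_OPT_X_TLS_REQUIRE_CERT, LDAP_OPT_X_TLS_DEMAND);

// ldap_connect() only parses the URI; nothing is sent to the server yet.
$ldapconn = ldap_connect('ldaps://localhost');
if ($ldapconn === false) {
    exit('<P>fail</P>');
}
ldap_set_option($ldapconn, LDAP_OPT_PROTOCOL_VERSION, 3);

// The TCP connection and TLS handshake happen here, on the first operation,
// so certificate problems surface as a bind failure.
$ldapbind = @ldap_bind($ldapconn, $ldaprdn, $ldappass);
if ($ldapbind) {
    echo '<P>bind LDAP OK</P>';
} else {
    // Record the library's own explanation instead of a bare "KO".
    $detail = '';
    ldap_get_option($ldapconn, LDAP_OPT_DIAGNOSTIC_MESSAGE, $detail);
    error_log(sprintf(
        'LDAP bind failed: %s (errno %d) %s',
        ldap_error($ldapconn),
        ldap_errno($ldapconn),
        $detail
    ));
    echo '<P>bind LDAP KO</P>';
}
```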

