LDAP TLS certificate error

I'm trying to configure Postgres to connect to my university's LDAP
server to authenticate database users.  In my pg_hba.conf, I have:

> hostssl all         +members    129.21.0.0/16         ldap "ldaps://ldap.rit.edu:636/ou=people,dc=rit,dc=edu;uid="

These are the same connection settings I'm using successfully in Apache.
When I try to connect as an LDAP-authenticated user, I get the
following error in the logs:

> 2009-04-08 22:15:13 EDT LOG:  could not start LDAP TLS session: error code -1
> 2009-04-08 22:15:13 EDT FATAL:  LDAP authentication failed for user "pkf1214"

I'm not sure why it doesn't want to start TLS.  I've got the appropriate
CA certificates listed in my /etc/ldap/ldap.conf:

> TLS_CACERT /etc/ssl/certs/ca-certificates.crt

I'm on Ubuntu, and this file is a concatenated list of all the CA
certificates, including the LDAP server's CA.  I've confirmed this
should work under normal circumstances -- if I connect to LDAP in, say,
Python, startTLS works just fine.

Any ideas?  Is there a way I can turn on extra debugging to get out a
more detailed error message?

Thanks in advance!
Paul Fisher


-- 
Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx)
To make changes to your subscription:
http://www.postgresql.org/mailpref/pgsql-general
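One thing to check for a configuration like the one in the message above, written as an added example that is not part of the original post or of PostgreSQL: a small lint for URL-style `ldap` lines in pg_hba.conf. It assumes that the `ldaps` scheme in this option makes the server issue StartTLS on the connection (consistent with the "could not start LDAP TLS session" log line) rather than speak LDAP-over-SSL; the function names and the `example.net` lines are constructed for illustration.

```python
import shlex
from urllib.parse import urlsplit

IMPLICIT_TLS_PORT = 636  # conventional LDAP-over-SSL port: TLS handshake comes first

# The line quoted in the message above.
PAGE_LINE = ('hostssl all         +members    129.21.0.0/16         '
             'ldap "ldaps://ldap.rit.edu:636/ou=people,dc=rit,dc=edu;uid="')

def parse_ldap_hba_line(line):
    """Split a URL-style pg_hba.conf 'ldap' line into its parts (None if not one)."""
    fields = shlex.split(line, comments=True)
    if "ldap" not in fields[4:6]:          # method follows the address field(s)
        return None
    at = fields.index("ldap", 4)
    if at + 1 >= len(fields):              # method given without its URL option
        return None
    url = urlsplit(fields[at + 1])
    # Path layout assumed here: /base dn[;prefix[;suffix]]
    base_dn, _, rest = url.path[1:].partition(";")
    prefix, _, suffix = rest.partition(";")
    return {"scheme": url.scheme, "host": url.hostname, "port": url.port,
            "base_dn": base_dn, "prefix": prefix, "suffix": suffix}

def lint_ldap_hba_line(line):
    """Return findings for one pg_hba.conf line; an empty list means nothing flagged."""
    cfg = parse_ldap_hba_line(line)
    if cfg is None:
        return []
    findings = []
    if cfg["scheme"] == "ldap":
        findings.append("no TLS: the bind password reaches the LDAP server in clear text")
    elif cfg["port"] == IMPLICIT_TLS_PORT:
        # ASSUMPTION: 'ldaps' here means StartTLS, not LDAP-over-SSL.
        findings.append("ldaps with port 636: StartTLS upgrades a plain LDAP session "
                        "(normally port 389); a 636 listener normally expects a TLS "
                        "handshake before any LDAP message")
    return findings

if __name__ == "__main__":
    for finding in lint_ldap_hba_line(PAGE_LINE):
        print(finding)
```
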
