|
Hi Louis,
I made lately a change in how the SSL certifcate
verification is done. Did you use the latest version from trunk ?
Also set the variable TLS_CACERTFILE in your startup script
(e.g. export TLS_CACERTFILE=/etc/mydir/cas.pem ). I
do not read any ldap.conf file for this yet.
Markus
"L.P.H. van Belle" <belle@xxxxxxxxx> wrote in message
news:vmime.57beabe1.6a01.3a47ad2737b8db71@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx... Hai,
I’ve added the needed
upn, setup the _ldaps in the dns zones, thats ok now.
The last part, here i
need some help. support_ldap.cc(942):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Setting up
connection to ldap server
samba-dc1.internal.domain.tld:636 support_ldap.cc(786):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set SSL
defaults support_ldap.cc(531):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Enable server
certificate check for ldap server. support_ldap.cc(544):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set certificate file
for ldap server to /etc/ssl/certs/cert.pem.(Changeable through setting
environment variable TLS_CACERTFILE) support_ldap.cc(800):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while setting
start_tls for ldap server: Can't contact LDAP
server support_ldap.cc(953):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Bind to ldap server
with SASL/GSSAPI support_sasl.cc(276):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR:
ldap_sasl_interactive_bind_s error: Can't contact LDAP
server support_ldap.cc(957):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while binding
to ldap server with SASL/GSSAPI: Can't contact LDAP
server support_ldap.cc(942):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Setting up
connection to ldap server
samba-dc2.internal.domain.tld:636 support_ldap.cc(786):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set SSL
defaults support_ldap.cc(531):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Enable server
certificate check for ldap server. support_ldap.cc(544):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Set certificate file
for ldap server to /etc/ssl/certs/cert.pem.(Changeable through setting
environment variable TLS_CACERTFILE) support_ldap.cc(800):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while setting
start_tls for ldap server: Can't contact LDAP
server support_ldap.cc(953):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: DEBUG: Bind to ldap server
with SASL/GSSAPI support_sasl.cc(276):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR:
ldap_sasl_interactive_bind_s error: Can't contact LDAP
server support_ldap.cc(957):
pid=26693 :2016/08/25 08:52:33| kerberos_ldap_group: ERROR: Error while binding
to ldap server with SASL/GSSAPI: Can't contact LDAP
server I tried to set
TLS_CACERTFILE in
ldap.conf, didnt work, so dont know how to fix this or there to put these
variables. I need a user to
connect to the ldap. Hi have that one in place.
I just can find how to
put this in this line so i can test this out, but i can only authenticate if the
TLS_CACERTFILE is set correctly. Any suggestions here?
Greetz,
Louis
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users |
_______________________________________________ squid-users mailing list squid-users@xxxxxxxxxxxxxxxxxxxxx http://lists.squid-cache.org/listinfo/squid-users
