authldap with ldaps
myr@htw #1
Member for 2 weeks · 1 post · Location: Saarbrücken
Subject: authldap with ldaps

I'd like to authenticate over ldaps (ldap over ssl, not starttls).
In local.php I have set our ldap server with the ssl port 636.

When I try to log in the following error occurs:

 LDAP: couldn't connect to LDAP server
Benutzername oder Passwort sind falsch.

In /etc/openldap/ldap.conf I have set the following parameters:

BASE ou=......
URI ldaps://<ourldapserver>:636/

TLS_CACERTDIR   /etc/openldap/cacerts
TLS_CACERT      /etc/openldap/cacerts/CAcert.pem
TLS_REQCERT     never

When sniffing with wireshark I see the error

TLSv1.2 Alert (Level: Fatal, Description: Unknown CA)

Dokuwiki authentication works fine with ldap (without ssl).

LDAPS authentication works fine with our ldap server(s) for many other services with the same certificate.

What can be wrong?
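
Added example, not part of the original post or of DokuWiki: a small audit of the ldap.conf options quoted above, reporting what each TLS_REQCERT level other than demand does to server-certificate checking and whether the configured CA paths exist. The sample text is constructed from the post, with ldap.example.org as a placeholder host; the level descriptions follow ldap.conf(5).

```python
import os

# TLS_REQCERT levels from ldap.conf(5); "demand"/"hard" is the library default.
REQCERT_NOTES = {
    "never": "server certificate is neither requested nor checked",
    "allow": "a bad server certificate is ignored and the session proceeds",
    "try": "a missing server certificate is accepted",
}

# Constructed sample mirroring the post; ldap.example.org is a placeholder host.
SAMPLE = """\
URI ldaps://ldap.example.org:636/
TLS_CACERTDIR   /etc/openldap/cacerts
TLS_CACERT      /etc/openldap/cacerts/CAcert.pem
TLS_REQCERT     never
"""

def parse_ldap_conf(text):
    """Return {OPTION: value}. Option names are case-insensitive; '#' lines are comments."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        fields = line.split(None, 1)
        opts[fields[0].upper()] = fields[1].strip() if len(fields) == 2 else ""
    return opts

def audit(text, path_exists=os.path.exists):
    """Return findings for the TLS-related options of one ldap.conf."""
    opts = parse_ldap_conf(text)
    findings = []
    level = opts.get("TLS_REQCERT", "demand").lower()
    if level in REQCERT_NOTES:
        findings.append(f"TLS_REQCERT {level}: {REQCERT_NOTES[level]}")
    elif level not in ("demand", "hard"):
        findings.append(f"TLS_REQCERT {level}: unrecognised level")
    for uri in opts.get("URI", "").split():
        if uri.lower().startswith("ldap://"):
            findings.append(f"URI {uri}: scheme is ldap://, not ldaps://")
    for key in ("TLS_CACERT", "TLS_CACERTDIR"):
        path = opts.get(key)
        if path and not path_exists(path):
            findings.append(f"{key} {path}: path does not exist")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```

Run it against the file the client process actually loads; ldap.conf(5) also honours per-user ldaprc files and LDAP* environment variables.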
