Not logged in. · Lost password · Register
Forum: General Help and Support Features and Functionality RSS
[solved] authldap with ldaps
Avatar
myr@htw #1
Member for 2 months · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
Subject: [solved] authldap with ldaps
Hello,

I'd like to authenticate over ldaps (ldap over ssl, not starttls).
In local.php I have set our ldap server with the ssl port 636

When I try to login the following error occurs:

 LDAP: couldn't connect to LDAP server
Benutzername oder Passwort sind falsch.

In /etc/openldap/ldap.conf I have set the following parameters:

BASE ou=......
URI ldaps://<ourldapserver>:636/

TLS_CACERTDIR   /etc/openldap/cacerts
TLS_CACERT      /etc/openldap/cacerts/CAcert.pem
TLS_REQCERT     never

When sniffing with wireshark I see the error

TLSv1.2 Alert (Level: Fatal, Description: Unknown CA)


Dokuwiki authentication works fine with ldap (without ssl).

LDAPS authentication works fine with our ldap server(s) for many other services with the same certificate.

What can be wrong?

Regards
Margit
This post was edited on 2018-10-30, 09:10 by myr@htw.
Avatar
myr@htw #2
Member for 2 months · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
Hello,

is there nobody having a tip for me?

Margit
Avatar
myr@htw #3
Member for 2 months · 4 posts · Location: Saarbrücken
Group memberships: Members
Show profile · Link to this post
My problem is solved:
I updated the operating system (CentOS 7) - yum update -
and now everything works fine ! Don't know why ......
Close Smaller – Larger + Reply to this post:
Verification code: VeriCode Please enter the word from the image into the text field below. (Type the letters only, lower case is okay.)
Smileys: :-) ;-) :-D :-p :blush: :cool: :rolleyes: :huh: :-/ <_< :-( :'( :#: :scared: 8-( :nuts: :-O
Special characters:
Go to forum
Imprint
This board is powered by the Unclassified NewsBoard software, 20150713-dev, © 2003-2015 by Yves Goergen
Current time: 2018-12-19, 02:37:24 (UTC +01:00)