https://issues.apache.org/bugzilla/show_bug.cgi?id=42001
Daniel A. <[email protected]> changed: What |Removed |Added ---------------------------------------------------------------------------- Status|NEEDINFO |NEW --- Comment #3 from Daniel A. <[email protected]> 2010-02-04 01:44:07 UTC --- (In reply to comment #2) > can you confirm which SSL toolkit your ldap binaries are linked with via e.g > ldd? As the original submitter also said, everything here works perfectly as long as i remove the "s" from "ldaps://". There is no timeout, the failures are immediate. SSL HTTP connections initiated TO the web server are fine too. I'm gonna try and see if it'll work with a newer openssl from ports, but here's what I've been using so far: openldap-client-2.4.21 Open s It's linked to the local libs, /usr/local/libexec/apache22/mod_ldap.so: libldap-2.4.so.7 => /usr/local/lib/libldap-2.4.so.7 (0x800b0c000) libssl.so.5 => /usr/lib/libssl.so.5 (0x800c4a000) libcrypto.so.5 => /lib/libcrypto.so.5 (0x800d94000) liblber-2.4.so.7 => /usr/local/lib/liblber-2.4.so.7 (0x801026000) libc.so.7 => /lib/libc.so.7 (0x800633000) 7.0-RELEASE-p3 FreeBSD... # httpd -v Server version: Apache/2.2.14 (FreeBSD) Server built: Feb 1 2010 15:06:58 # pkg_info|grep ldap openldap-client-2.4.21 Open source LDAP client implementation # openssl version OpenSSL 0.9.8e 23 Feb 2007 relevant snips from httpd.conf: #Load LDAP certificate LDAPTrustedGlobalCert CA_BASE64 /usr/local/etc/apache22/ldap_cert/<AD Hostname>.CA.pem AuthName "Nagios Access" AuthType Basic AuthBasicProvider ldap AuthzLDAPAuthoritative on AuthLDAPURL "ldap://<hostname>:3268 <hostname>:3268/?sAMAccountName?sub?(objectClass=*)" #AuthLDAPURL "ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*)" #AuthLDAPURL "ldaps://<hostname>:3269/?sAMAccountName?sub?(objectClass=*)" AuthLDAPBindDN "CN=<cn>,OU=<ou>,OU=<ou>,OU=<ou>,DC=<dc>,DC=<dc>" AuthLDAPBindPassword <pass> Require valid-user [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [debug] mod_authnz_ldap.c(377): [client 192.168.64.101] [64980] auth_ldap authenticate: using URL ldaps://<hostname>/?sAMAccountName?sub?(objectClass=*), referer: https://nix01/side.html [Thu Feb 04 10:31:05 2010] [warn] [client 192.168.89.101] [64980] auth_ldap authenticate: user dak authentication failed; URI /nagios/cgi-bin/status.cgi [LDAP: ldap_simple_bind_s() failed][Can't contact LDAP server], referer: https://nix01/side.html -- Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are the assignee for the bug. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
