Hello, I configured /etc/openldap.ldap.conf thusly:
But I still cannot bind.

BASE dc=ldap2,dc=dcis,dc=hhs,dc=gov
URI ldaps://test-ba.dcis.hhs.gov:636
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERTDIR /etc/pki/CA/
TLSCACertificateFile /etc/pki/CA/cacert.pem
TLSCertificateFile /etc/pki/CA/ldap-cert.pem
TLS_REQCERT allow
~

Thank You,
Chris Cheltenham
SwainTechs / HHS
Cell# 267-586-2369

From: Clément OUDOT [mailto:clem.ou...@gmail.com]
Sent: Monday, November 24, 2014 6:00 AM
To: Chris Cheltenham
Cc: ltb-users@lists.ltb-project.org
Subject: Re: [Ltb-users] ltb-users Digest, Vol 49, Issue 5

2014-11-22 18:22 GMT+01:00 Chris Cheltenham <cchelten...@swaintechs.com>:

Hello,

When I have changed ldap to ldaps I am not able to connect. Can you help?

Httpd log:

[Sat Nov 22 12:16:54 2014] [error] [client 173.61.34.170] PHP Warning: ldap_bind(): Unable to bind to server: Can't contact LDAP server in /opt/ltb-project-self-service-password-0.8/pages/sendtoken.php on line 77, referer: https://test.dcis.hhs.gov/ssp/?action=sendtoken
[Sat Nov 22 12:16:54 2014] [error] [client 173.61.34.170] LDAP - Bind error -1 (Can't contact LDAP server), referer: https://test.dcis.hhs.gov/ssp/?action=sendtoken

Config File entry:

$ldap_url = "ldaps://10.153.111.217:636";
$ldap_binddn = "cn=Manager,dc=ldap2,dc=dcis,dc=hhs,dc=gov";
$ldap_bindpw = "redhat";
$ldap_base = "dc=ldap2,dc=dcis,dc=hhs,dc=gov";
$ldap_login_attribute = "uid";
$ldap_fullname_attribute = "cn";
$ldap_filter = "(&(objectClass=person)($ldap_login_attribute={login}))";

You need to configure SSL on the client side, see http://ltb-project.org/wiki/documentation/self-service-password/latest/config_ldap

Clément.
_______________________________________________
ltb-users mailing list
ltb-users@lists.ltb-project.org
http://lists.ltb-project.org/listinfo/ltb-users
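Added example, not part of the original thread or of the LTB project's code: a small lint for a client-side ldap.conf, run here over the configuration quoted in the first message (line breaks are assumed). It relies on the option names documented in ldap.conf(5) and slapd.conf(5); the function name `lint_ldap_conf` and the `FIXED` sample are constructed for illustration.

```python
# slapd.conf (server) directive -> ldap.conf (client) option name
SERVER_TO_CLIENT = {
    "tlscacertificatefile": "TLS_CACERT",
    "tlscacertificatepath": "TLS_CACERTDIR",
    "tlscertificatefile": "TLS_CERT",
    "tlscertificatekeyfile": "TLS_KEY",
}
USER_ONLY = {"tls_cert", "tls_key"}   # honoured only in ~/.ldaprc or ./ldaprc
WEAK_REQCERT = {"never", "allow"}     # session proceeds even with a bad server cert

# Configuration from the message above (line breaks assumed).
SAMPLE = """\
BASE dc=ldap2,dc=dcis,dc=hhs,dc=gov
URI ldaps://test-ba.dcis.hhs.gov:636
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERTDIR /etc/pki/CA/
TLSCACertificateFile /etc/pki/CA/cacert.pem
TLSCertificateFile /etc/pki/CA/ldap-cert.pem
TLS_REQCERT allow
"""
# Constructed sample of a client config that passes the lint.
FIXED = "URI ldaps://ldap.example.org:636\nTLS_CACERT /etc/pki/CA/cacert.pem\nTLS_REQCERT demand\n"

def lint_ldap_conf(text):
    """Return [(line_number, message)] for TLS problems in an ldap.conf body."""
    findings, seen = [], set()
    for num, raw in enumerate(text.splitlines(), 1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        name, _, value = line.partition(" ")
        key = name.lower()            # ldap.conf option names are case-insensitive
        seen.add(key)
        if key in SERVER_TO_CLIENT:
            findings.append((num, f"{name} is a slapd.conf directive; "
                                  f"the client option is {SERVER_TO_CLIENT[key]}"))
        elif key in USER_ONLY:
            findings.append((num, f"{name} is a user-only option, ignored in the system-wide file"))
        elif key == "tls_reqcert" and value.strip().lower() in WEAK_REQCERT:
            findings.append((num, "TLS_REQCERT does not enforce server certificate verification"))
    if not seen & {"tls_cacert", "tls_cacertdir"}:
        findings.append((0, "no TLS_CACERT or TLS_CACERTDIR: the server certificate cannot be verified"))
    return findings

if __name__ == "__main__":
    for num, msg in lint_ldap_conf(SAMPLE):
        print(f"line {num}: {msg}")
```
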