On Tue, Oct 16, 2012 at 6:46 AM, Marko Cupać <[email protected]> wrote: > I have been using rt4 for some time now in plain protocols (site is on > http, fetchmail is plain pop3, external auth is done from ldap without > ssl). Now, I am increasing security by switching to encrypted > protocols. > > Switching apache to https was easy thing to do, and I spent a few hours > with fetchmail and certificates but it also works now. > > RT::Extension::LDAPimport "just worked" when switching ldaphost to > ldaps: > > Set($LDAPHost,'ldaps://ldap.company.tld'); > > Also, after setting > Set($ExternalAuthPriority,['My_LDAP']); > Set($ExternalInfoPriority,['My_LDAP']); > Set($ExternalServiceUsesSSLorTLS,1); > Set($ExternalSettings,{ > 'My_LDAP' => { > ... > 'tls' => 1, > 'ssl_version' => 3, > ... > } > } > > ... i can still authenticate. > > I can not believe this can be so simple :) Is there a way to check that > ssl is really used? >
Check your ldap servers logs or run wireshark/tcpdump from the RT server and inspect the traffic. -------- Final RT training for 2012 in Atlanta, GA - October 23 & 24 http://bestpractical.com/training We're hiring! http://bestpractical.com/jobs
