[SLE] mod_auth_ldap / ssl support

From: Stuart Kendrick (skendric_at_fhcrc.org)
Date: 02/28/05

  • Next message: Richard Bos: "Re: [SLE] Location of particular apt rpms" 
    Date: Mon, 28 Feb 2005 11:40:12 -0800 (PST)
To: suse-linux-e@lists.suse.com

    i would like a mod_auth_ldap.so with SSL support ... and i'm realizing
    that the apache shipping with SuSE 9.2 doesn't include this. what are my
    options? do i need to compile apache myself? or can i get away with less
    work ... perhaps ... just compiling mod_auth_ldap (w/SSL support)?

    --sk

    stuart kendrick
    fhcrc

    more detail:

    i'm using mod_auth_ldap, and i'm happy with it ... and now i'd like to
    point it at an ldaps box:

    <Directory "/srv/www/htdocs/test">
      AuthName Test
      AuthType Basic
      AuthLDAPBindDN cn=whatever,ou=something,dc=company,dc=com
      AuthLDAPBindPassword secret
      AuthLDAPURL ldaps://foo.company.com:636/dc=company,dc=com?sAMAccountName?sub?(objectClass=user)
      Require valid-user
    </Directory>

    when i start apache, i see the following in my logs ... not encouraging:

    [Mon Feb 28 11:29:11 2005] [notice] LDAP: Built with OpenLDAP LDAP SDK
    [Mon Feb 28 11:29:11 2005] [notice] LDAP: SSL support unavailable
    [Mon Feb 28 11:29:11 2005] [notice] LDAP: Built with OpenLDAP LDAP SDK
    [Mon Feb 28 11:29:11 2005] [notice] LDAP: SSL support unavailable
    [Mon Feb 28 11:37:54 2005] [notice] Apache/2.0.50 (Linux/SUSE) configured
    -- resuming normal operations

    and when i pull up a protected URL, i see:

    [Mon Feb 28 11:33:03 2005] [warn] [client 10.1.2.3] [13836] auth_ldap
    authenticate: user testuser authentication failed; URI /test [LDAP: ssl
    connections not supported][Can't contact LDAP server] 

    -- 
Check the headers for your unsubscription address
For additional commands send e-mail to suse-linux-e-help@suse.com
Also check the archives at http://lists.suse.com
Please read the FAQs: suse-linux-e-faq@suse.com
  • Next message: Richard Bos: "Re: [SLE] Location of particular apt rpms"

    Relevant Pages

    • Apache build and SSL problem
      ... I'm learning Linux with Fedora Core 2 and picked up a book called ... SSL support per the instructions in the book. ... When I checked the Apache error logs I only see a message about a file ... installing and I've double/triple checked my install scripts compared ...
      (Fedora)
    • Re: Apache build and SSL problem
      ... >> SSL support per the instructions in the book. ... > The Apache httpd webserver is not running out of the box. ... > service httpd status ...
      (Fedora)
    • Re: [freebsd-questions] Best way to add SSL to Apache 1.3.37
      ... add SSL support, but I'm not sure of the best way to go about it. ... may I ask why are you using Apache 1.3.x? ... they are listed conflicts.(in the ... Your users will use HTTPS if they so request ...
      (freebsd-questions)
    • Re: apache2ssl_enable="YES" to /etc/rc.conf not starting apache2 on boot
      ... Derkjan de Haan wrote: ... > If I understood correctly one has to start both, because SSL support is ... > actually some sort of a plugin to the main web server. ... > with httpd.conf so that apache doesn't bind to the network interface. ...
      (freebsd-stable)
    • Re: LDAP Authentication from Linux
      ... doesn't the LDAP module in Apache require a secure connection on most recent Linux systems? ... Moving the ldap45457 user into the same OU as the rest of my normal users, and then changing apache to the below, and also adding "List Contents" Read permissions to that OU, as per what I read here for anonymous access. ... user marsh authentication failed; ...
      (microsoft.public.windows.server.sbs)