Hi, I am trying to get PrivacyIDEA to connect to my OpenLDAP Server with
self signed TLS cert.
ldap://ldap.mydomain = Your LDAP config seems to be OK, 0 user objects
found.
ldaps://ldap.mydomain = LDAPServerPoolExhaustedError(‘no active server
available in server pool’,)
I can use a Windows tool “LDAP Admin” to connect to the LDAP Server with
and without TLS.
I have had a look in the logs but have been unable to spot anything awry. I
am guessing it might be an issue with my certificate being self signed but I
don’t want to purchase a cert just now so if that is the problem I would
like to get PrivacyIDEA to accept my cert for the time being.
If you have any other problems or issues, please do not hesitate to drop
them here.
Kind regards
Cornelius
On Wednesday, 25.11.2015, 05:12 -0800, Keef wrote:
Ah, I’ve figured it out. I thought it was possible to do a ldaps://
connection to port 389. It might just be the way I have configured my
OpenLDAP server but I thought you could connect on port 389 and the
connection would get upgraded to TLS… Anyway I realised that OpenLDAP
service was listening on both ports 389 and 636 but the firewall on my
OpenLDAP server was blocking port 636 so that is the reason I couldn’t
connect with ldaps://. Opening port 636 has resolved this problem for
me.
Cheers
Keith
On Wednesday, 25 November 2015 12:58:26 UTC, Keef wrote:
Hi, I am trying to get PrivacyIDEA to connect to my OpenLDAP
Server with self signed TLS cert.
ldap://ldap.mydomain = Your LDAP config seems to be OK, 0 user
objects found.
ldaps://ldap.mydomain = LDAPServerPoolExhaustedError('no
active server available in server pool',)
I can use a Windows tool "LDAP Admin" to connect to the LDAP
Server with and without TLS.
I have had a look in the logs but have been unable to spot
anything awry. I am guessing it might be an issue with my
certificate being self signed but I don't want to purchase a
cert just now so if that is the problem I would like to get
PrivacyIDEA to accept my cert for the time being.
Can anyone help?
Thanks
Keith
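An added example, not part of the original thread and not PrivacyIDEA code: a standard-library Python probe that separates the two causes discussed above, a port that is unreachable at TCP level versus a TLS certificate that is not trusted. The function names and status labels are hypothetical, and `ldap.mydomain` is the placeholder host from the posts.

```python
import socket
import ssl


def probe_ldap_endpoint(host, port, implicit_tls, cafile=None, timeout=3.0):
    """Return (status, detail) for one LDAP endpoint.

    implicit_tls=True models ldaps:// (TLS starts right after connect, usually
    port 636); False models plain ldap:// (usually port 389), where TLS is
    only available through an in-protocol StartTLS upgrade, not probed here.
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        # Refused, filtered or timed out: TLS and certificates never came into play.
        return "tcp_unreachable", str(exc)
    with sock:
        if not implicit_tls:
            return "tcp_ok", "port reachable, no TLS attempted"
        # The default context verifies chain and hostname. For a self-signed
        # server, cafile can point at that certificate so it is trusted
        # without disabling verification.
        ctx = ssl.create_default_context(cafile=cafile)
        try:
            with ctx.wrap_socket(sock, server_hostname=host) as tls:
                return "tls_ok", tls.version()
        except ssl.SSLCertVerificationError as exc:
            return "tls_cert_untrusted", exc.verify_message
        except (ssl.SSLError, OSError) as exc:
            return "tls_handshake_failed", str(exc)


def diagnose(host, cafile=None, timeout=3.0):
    """Probe the conventional ports: 389 (ldap://) and 636 (ldaps://)."""
    return {
        "ldap://%s:389" % host: probe_ldap_endpoint(host, 389, False, cafile, timeout),
        "ldaps://%s:636" % host: probe_ldap_endpoint(host, 636, True, cafile, timeout),
    }


if __name__ == "__main__":
    # "ldap.mydomain" is the placeholder host name used in the posts above.
    for url, (status, detail) in diagnose("ldap.mydomain").items():
        print(url, status, detail)
```

With port 636 blocked by a firewall as described in the thread, the 636 probe reports `tcp_unreachable`, which points at the network path and not at the self-signed certificate.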