top button
Flag Notify
    Connect to us
      Facebook Login
      Site Registration Why to Join

Facebook Login
Site Registration
Print Preview

Issue with LDAPVerifyServerCert flag using Apache

0 votes
119 views

If LDAPVerifyServerCert is enabled in SSL , authentication fails with Message simple bind failed. If LDAPVerifyServerCert is disabled in SSL there is no issue.

LDAP server is OpenLdap.

What configuration w.r.t LDAP/SSL I need to check so that authentication succeeds with LDAPVerifyServerCertflag ON.

posted Jun 27, 2013 by anonymous

Share this question
Facebook Share Button Twitter Share Button Google+ Share Button LinkedIn Share Button Multiple Social Share Button

1 Answer

0 votes

What certificate are you using? I guess if self sign it will never get verified.

answer Jun 27, 2013 by anonymous
Similar Questions
+3 votes

We have integrated apache web server with our internal LDAP and we have requirement to provision role based access to the folders in the docroot. We have earlier used SVN and we were using AuthzSVNAccessFile to meet this requirement. Contents of the file will look like this.

[groups]
users = usera
admins = usera, userb
[/]
users = r

[/folderA]
admins= r

Now we are looking for something similar with the apache directives, is it possible? if not, can you please give us an alternate?

I have tried "Require ", it doesn’t solve our requirement.

+1 vote

I want information regarding adding index on an ldap attribute.

My directory structure is like:

ObjectClass Hierarchy: Company=>Department (In dc=example,dc=com)

Inside ObjectClass"Company", One of the attributes "UserID" to be indexed. I have added index on the same as per following in slapd.conf:

index UserID eq

Kindly let me know whether it is the correct syntax of defining an index.

+1 vote

I have IIS and Apache both running on my server. Apache is on 8080. I am having some DNS mapping issues.

I have a virtual host entry as follows:

  ServerName something.domain.com
  DocumentRoot "D:/www/public_html"

    Options Indexes FollowSymLinks
    AllowOverride All

      Order allow,deny                          
      Allow from all

   = 2.3>
     Require all granted

Is there something wrong with this? because when I browse to something.domain.com, it gives me a 404 error. I can't even browse it as something.domain.com:8080. If I map the same domain on IIS it works fine and lets me browse to something.domain.com

I am able to browse to my Apache site via localhost:8080 but not with something.domain.com. Can anyone help me.

My Host file has the following entry

127.0.0.1      TestDevServer

Please help me map my domain (sub domain in this case) to point at the location of my site.

0 votes

I have updated my second server from Apache 2.2.x to Apache 2.4.x, first server went fine with no problems. The second server however is having difficulty with a few directories that I had password protected with basic authentication. I am using Apache 2.4.4 as its the current port on FreeBSD, and I am aware of the htpasswd bug in that version, and have confirmed its not the cause of my problem, in fact I tried switching over to digest authentication with the same result.

I have the directives configured as follows.

 Options Indexes FollowSymLinks
 AllowOverride None
 Require all granted

 Require all denied

 SSLRequireSSL
 Require all denied
 AuthType basic
 AuthBasicProvider file
 AuthName "SARG"
 AuthUserFile /usr/local/www/apache24/data/sarg/.htpasswd
 Require valid-user

I don't get any errors, just a login loop, doesn't matter if I use a valid username password combination or invalid, I can even move the .htpasswd file out of the folder which should cause an error, but no
error ever gets logged even with debugging on.

The only log I get is the entry showing me the get request that was

marked as 401 unauthenticated:
[09/Jul/2013:09:41:16 -0500] "GET /sarg/index.html HTTP/1.1" 401 381

Does anyone have any clue what I could be missing?

0 votes

We are currently using HTTP connector in tomcat 7.42 and planning to switch to AJP NIO connector. When I was reading through the docs I found "WARNING: The NIO connector for AJP is experimental."

This made me think that NIO connector might not be mature at this point. Can somebody who had experience with NIO connector let me know if it is stable and any pitfalls I should be aware of?

Stable enough to be used on enterprise apps which is expected to get thousands of requests in a hour?

Any information would be helpful.


Useful Links with Similar Problem
Contact Us
+91 9880187415
sales@queryhome.net
support@queryhome.net
#280, 3rd floor, 5th Main
6th Sector, HSR Layout
Bangalore-560102
Karnataka INDIA.
QUERY HOME
...