On Mon, Feb 28, 2005 at 11:40:12AM -0800, Stuart Kendrick wrote:
i would like a mod_auth_ldap.so with SSL support ... and i'm realizing that the apache shipping with SuSE 9.2 doesn't include this. what are my options? do i need to compile apache myself? or can i get away with less work ... perhaps ... just compiling mod_auth_ldap (w/SSL support)?
Your conclusion is wrong, you just need to configure it. See the documentation of mod_ldap and mod_auth_ldap.
--sk
stuart kendrick fhcrc
more detail:
i'm using mod_auth_ldap, and i'm happy with it ... and now i'd like to point it at an ldaps box:
<Directory "/srv/www/htdocs/test"> AuthName Test AuthType Basic AuthLDAPBindDN cn=whatever,ou=something,dc=company,dc=com AuthLDAPBindPassword secret AuthLDAPURL ldaps://foo.company.com:636/dc=company,dc=com?sAMAccountName?sub?(objectClass=user) Require valid-user </Directory>
when i start apache, i see the following in my logs ... not encouraging:
[Mon Feb 28 11:29:11 2005] [notice] LDAP: Built with OpenLDAP LDAP SDK [Mon Feb 28 11:29:11 2005] [notice] LDAP: SSL support unavailable [Mon Feb 28 11:29:11 2005] [notice] LDAP: Built with OpenLDAP LDAP SDK [Mon Feb 28 11:29:11 2005] [notice] LDAP: SSL support unavailable [Mon Feb 28 11:37:54 2005] [notice] Apache/2.0.50 (Linux/SUSE) configured -- resuming normal operations
and when i pull up a protected URL, i see:
[Mon Feb 28 11:33:03 2005] [warn] [client 10.1.2.3] [13836] auth_ldap authenticate: user testuser authentication failed; URI /test [LDAP: ssl connections not supported][Can't contact LDAP server]
Peter -- the little can of spam got the big can of spam