[SAC] https on web vm
Martin Spott
Martin.Spott at mgras.net
Wed May 25 14:36:51 EDT 2011
On Wed, May 25, 2011 at 11:19:05AM -0700, Tyler Mitchell wrote:
> It used to run using port 389 but that connection is rejected by
> ldap.osgeo.org when trying from osgeo1. I get a response at least on
> 636 but drupal doesn't get through.
Unencrypted LDAP on port 389 is not available anymore on the new LDAP
server - simply for security reasons. I don't want every password hash
to go over non-local connections without encryption.
> Do we have an anonymous search uid available?
On Unix LDAP we don't need any particular UID for anonymous search - in
contrary to M$ ADS ;-)
But to me it looks like you're having a point - at least this is the
track I'm following: Whereas anonymous search works quite well from all
the new VM's as well as a couple more 'standalone' machines (note:
different distros involved !), it's getting a "certificate verify
failed" response when trying to connect from 'osgeo1'. If this is the
right track, then we'll have a solution very soon ....
Yet I wonder why this had been working perfectly on the first tests I
did immediately after migrating the LDAP server.
Cheers,
Martin.
--
Unix _IS_ user friendly - it's just selective about who its friends are !
--------------------------------------------------------------------------
More information about the Sac
mailing list