How to import certificate for Apache + LDAPS?
Posted
by
user101956
on Server Fault
See other posts from Server Fault
or by user101956
Published on 2011-11-23T21:46:09Z
Indexed on
2011/11/24
1:55 UTC
Read the original article
Hit count: 753
I am trying to get ldaps to work through Apache 2.2.17 (Windows Server 2008). If I use ldap (plain text) my configuration works great.
LDAPTrustedGlobalCert CA_DER C:/wamp/certs/Trusted_Root_Certificate.cer
LDAPVerifyServerCert Off
<Location />
AuthLDAPBindDN "CN=corpsvcatlas,OU=Service Accounts,OU=u00958,OU=00958,DC=hca,DC=corpad,DC=net"
AuthLDAPBindPassword ..removed..
AuthLDAPURL "ldaps://gc-hca.corpad.net:3269/dc=hca,dc=corpad,dc=net?sAMAccountName?sub"
AuthType Basic
AuthName "USE YOUR WINDOWS ACCOUNT"
AuthBasicProvider ldap
AuthUserFile /dev/null
require valid-user
</Location>
I also tried the other encryption choices besides CA_DER just to be safe, with no luck.
Finally, I also needed this with Apache tomcat. For tomcat I used the tomcat JRE and ran a line like this: keytool -import -trustcacerts -keystore cacerts -storepass changeit -noprompt -alias mycert -file Trusted_Root_Certificate.cer
After doing the above line ldaps worked greate via tomcat. This lets me know that my certificate is a-ok.
Update: Both ldap modules are turned on, since using ldap instead of ldaps works fine.
When I run a git clone this is the error returned: C:\Temp>git clone http://eqb9718@localhost/git/Liferay.git Cloning into Liferay... Password: error: The requested URL returned error: 500 while accessing http://eqb9718@loca lhost/git/Liferay.git/info/refs fatal: HTTP request failed
access.log has this: 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:12 -0600] "GET /git/Liferay.git/info/refs service=git-upload-pack HTTP/1.1" 500 535 127.0.0.1 - eqb9718 [23/Nov/2011:18:25:33 -0600] "GET /git/Liferay.git/info/refs HTTP/1.1" 500 535
apache_error.log has nothing. Is there any more verbose logging I can turn on or better tests to do?
© Server Fault or respective owner
