httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Brad Nicholes" <>
Subject Re: AuthLDAPCertDBPath ???
Date Wed, 12 Mar 2003 00:13:37 GMT
Yes.  In order to support SSL on multiple platforms, a more generic
directive was required.  To specify a cert7.db file you will need to use
the directives:

LDAPTrustedCA <path to cert7.db>

The most recent documentation page for mod_ldap contains the
description of the new directive.


Brad Nicholes
Senior Software Engineer
Novell, Inc., the leading provider of Net business solutions 

>>> Tuesday, March 11, 2003 4:53:25 PM >>>

Well, after successfully compiling auth_ldap with the 
OpenLDAP libs I found that it doesn't jive well with 
our Netscape LDAP server.. 

So... I finally rebuilt with the Netscape4-LDAP-SDK

Since then I received the following error:

[Tue Mar 11 00:42:19 2003] [warn] [client] [1667653]
auth_ldap authenticate: user 25145 authentication failed; URI
/secure/finance/FA/search.jsp [secure LDAP requested, but no CA cert
defined][Unknown error], referer:http://

So, I then placed my cert7.db file in APACHE2/conf directory and
to the cert db file by using the following in my httpd.conf:

Syntax error on line 1073 of /usr/local/apache2/conf/httpd.conf:
Invalid command 'AuthLDAPStartTLS', perhaps mis-spelled or defined by
module not included in the server configuration

auth_ldap was built statically into the core and not ran as a mod.

Is there a different command used for Apache2 to load the cert7.db

It worked for our older 1.3 apache..


-- Trev

Trevor Hurst
Senior Systems Administrator
DCO Unix Production Systems
Silicon Graphics
Office Ph: 650.933.6144

Thus a mind that is free from passion is a very citadel;
man has no stronger fortress in which to seek shelter and
defy every assault. Failure to perceive this is ignorance;
but to perceive it, and still not to seek its refuge, is
misfortune indeed. --Marcus Aurelius

View raw message