httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Muthu <>
Subject Re: [users@httpd] mod_auth_ldap TLS Authoriztion
Date Wed, 25 Jan 2006 04:02:57 GMT

       I am trying to use only TLS. I am using the openldap 2.2.28 
libraries. Do I need to have ssl supported libraries even if I need only 
TLS support.?

       I am following through the document

       I have the following entries in the /etc/openldap/ldap.conf for 

TLS_CACERT /home/httpd/.ldapclientcert.pem

       I have not set the options  LDAPTrustedGlobalCert, 
LDAPTrustedClientCert and LDAPTrustedMode.

Thanks & Regards,

Ricardo Stella wrote:

>Well, first things first... Did the module actually linked the ssl
>libraries ?  Which libraries did you tried to link it to ?  iPlanet's
>only support SSL...
>Also, you need to tell apache where the certs are, ie
>LDAPTrustedGlobalCert, LDAPTrustedClientCert and LDAPTrustedMode.
>Read more
>There's no such thing as AuthLDAPStartTLS...
>Muthu wrote:
>>Hi all,
>>         I am trying to use LDAP authentication using mod_auth_ldap
>>module(ver 3.33) in apache 2.0.55.
>>         I have a .htaccess file like below,
>>AuthType Basic
>>AuthName "Password Required"
>>AuthLDAPURL ldap://,dc=net?cn
>>AuthLDAPStartTLS on
>>require valid-user
>>When I am accessing the page I am getting the below mentioned error in
>>the /var/log/apache2/error.log
>>[Sat Jan 21 13:07:41 2006] [debug] mod_auth_ldap.c(884): LDAP:
>>auth_ldap not using SSL connections
>>[Sat Jan 21 13:07:41 2006] [alert] [client]
>>/var/www/localhost/htdocs/test/.htaccess: *Invalid command
>>'AuthLDAPStartTLS'*, perhaps mis-spelled or defined by a module not
>>included in the server configuration
>>If I remove the "AuthLDAPStartTLS on" directive from the .htaccess, I
>>am getting authenticated against LDAP server. I want to use TLS
>>authorization. Can somebody help me?.
>>Thanks & Regards,
>The official User-To-User support forum of the Apache HTTP Server Project.
>See <URL:> for more info.
>To unsubscribe, e-mail:
>   "   from the digest:
>For additional commands, e-mail:

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message