httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Eric Covener" <>
Subject Re: [users@httpd] mod_authnz_ldap and SSL
Date Wed, 17 Oct 2007 17:01:07 GMT
On 10/17/07, Alexander Fortin <> wrote:
> <IfModule util_ldap.c>
>          LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/cacert.pem
>          LDAPTrustedMode SSL
>          LDAPVerifyServerCert off
> </IfModule>

Wireshark will format the initial stages of the handshake pretty
nicely, you might see something fishy or a plaintext SSL Alert.

Can openssl handshake w/ the ldap server?  Is its cert  issued by that
cacert.pem?  Can openssl validate the cert chain when you give it that
same cacert.pem?

Eric Covener

The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:> for more info.
To unsubscribe, e-mail:
   "   from the digest:
For additional commands, e-mail:

View raw message