httpd-users mailing list archives

From "Mark H. Wood" <mw...@IUPUI.Edu>
Subject Re: [users@httpd] 2.2.6 mod_authnz_ldap connect/disconnect repeatedly without doing LDAP
Date Tue, 13 Nov 2007 15:10:02 GMT
On Tue, Nov 13, 2007 at 09:38:49AM -0500, Eric Covener wrote:
> On Nov 13, 2007 9:24 AM, Mark H. Wood <mwood@iupui.edu> wrote:
> 
> > > Are you able to try the same LDAP server w/o SSL?
> >
> > I just did, and it works.  I'd welcome suggestions as to how I can get
> > it working with SSL, as I don't want to be throwing cleartext
> > passwords across the wire.
> >
> 
> If you look at things in wireshark/ethereal, and force it to format as
> SSL, do you see anything alarming?

I suppose it's alarming that I see no SSL handshake at all.  httpd
opens a TCP connection and closes it immediately.  There are no
application-layer packets at all.  SYN/SYN-ACK/ACK, FIN.

> Can you handshake w/ your ldaps:// server using the openssl command
> line client, passing the same /etc/ssl/certs via -CApath?

Yes.

This setup was working for months using httpd 2.0, although I see that
I asked about the same behavior when first setting up 2.0 and then it
cleared up for no apparent reason.

-- 
Mark H. Wood, Lead System Programmer   mwood@IUPUI.Edu
Typically when a software vendor says that a product is "intuitive" he
means the exact opposite.
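
The `openssl` command-line check discussed in this message, as an added example that is not part of the original thread. The function names and the host `ldap.example.org` are hypothetical; port 636 is the standard ldaps port, and `/etc/ssl/certs` is the CA directory named in the message.

```shell
#!/bin/sh
# Added example: run the s_client handshake test against an ldaps:// server
# and separate "no TLS handshake at all" from "certificate did not verify".

# Classify `openssl s_client` output read from stdin.
# Prints: ok | no-handshake | verify-failed:<code>
classify_s_client() {
    local out code
    out=$(cat)
    # s_client prints the server certificate in PEM form only when the
    # server actually answered the handshake; without it, nothing was negotiated.
    if ! printf '%s\n' "$out" | grep -q -- '-----BEGIN CERTIFICATE-----'; then
        echo "no-handshake"
        return 1
    fi
    # "Verify return code: 0 (ok)" means the chain validated against -CApath.
    code=$(printf '%s\n' "$out" |
        sed -n 's/.*Verify return code: \([0-9][0-9]*\).*/\1/p' | tail -n 1)
    if [ "$code" = "0" ]; then
        echo "ok"
        return 0
    fi
    echo "verify-failed:${code:-unknown}"
    return 2
}

# Connect to host:port with the same CA directory httpd is configured to use.
# </dev/null makes s_client exit as soon as the handshake has finished.
check_ldaps() {
    local host="$1"
    local port="${2:-636}"
    local capath="${3:-/etc/ssl/certs}"
    openssl s_client -connect "${host}:${port}" -CApath "$capath" \
        </dev/null 2>&1 | classify_s_client
}

# Usage (hypothetical host): check_ldaps ldap.example.org 636 /etc/ssl/certs
```

A result of `ok` here together with a capture that shows no handshake from httpd indicates that the server and CA directory are usable by an OpenSSL client on the same machine.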

