httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Sandro Tosi <sandro.t...@register.it>
Subject Re: [users@httpd] LDAP: ldap_set_option failed. Could not set LDAP_OPT_X_TLS to LDAP_OPT_X_TLS_HARD
Date Mon, 02 Nov 2009 11:01:24 GMT
Emmanuel Bailleul wrote:
> Hi,
>
> Did you try your LDAPS connection with ldapsearch first ? (sth like ldapsearch -H <ldaps
url> -x ...). 
>   
Sorry I didn't mentioned: yes, I have tested, and with ldapsearch it 
works fine (using the name address and not the IP address)
> An important thing : when calling your ldap server, do use the resolved name rather than
the IP. You can even add it in your hosts file if needed.
>   
I use the name address and not the IP address. Do you think that's the 
problem? I think it doesn't even try to connect to the ldap server. 
Anyhow, I gave it a try, and same error come.
> Two other things :
> - what king of ldap server are u using ?
>   
it's "OpenLDAP server (slapd) version 2.4.11-1" (Debian Lenny).
> - when building, are you sure you did not have several ssl toolkits/versions installed
? Can you confirm httpd has been built with the correct one (I just remember having made this
mistake once and having to build with an option like "--with-ssl=<path-to-the-right-openssl-dir")
?
I actually used "--with-ssl=/path/to/openssl-0.9.8g-16052008". But, hey, 
now that I look at it, in the error.log I see:

[Mon Nov 02 11:26:54 2009] [info] mod_ssl/2.2.14 compiled against 
Server: Apache/2.2.14, Library: OpenSSL/0.9.7e

WTH?! why is using 0.9.7e while I told him to link against 0.9.8g?

Infact

# strings modules/mod_ssl.so | grep '0.9.7' | wc -l
33

Could that be the problem? Any suggestion how to fix that? Other to look?

Thanks a lot,
Sandro

---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
   "   from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org


Mime
View raw message