httpd-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Otis Dewitt - NOAA Affiliate <otis.dew...@noaa.gov>
Subject Re: [users@httpd] Apache ldaps ceritificate directive issue
Date Wed, 15 Apr 2015 02:22:30 GMT
[image: top] <http://shib.ametsoc.org/manual/mod/mod_ldap.html#page-header>
LDAPTrustedCA DirectiveDescription:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Description>Sets
the file containing the trusted Certificate Authority certificate or
databaseSyntax:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Syntax>
LDAPTrustedCA directory-path/filenameContext:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Context>server
configStatus:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Status>Experimental
Module: <http://shib.ametsoc.org/manual/mod/directive-dict.html#Module>
mod_ldap

It specifies the directory path and file name of the trusted CA mod_ldap
<http://shib.ametsoc.org/manual/mod/mod_ldap.html> should use when
establishing an SSL connection to an LDAP server. If using the
Netscape/iPlanet Directory SDK, the file name should be cert7.db.
[image: top] <http://shib.ametsoc.org/manual/mod/mod_ldap.html#page-header>
LDAPTrustedCAType DirectiveDescription:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Description>Specifies
the type of the Certificate Authority fileSyntax:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Syntax>
LDAPTrustedCAType typeContext:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Context>server
configStatus:
<http://shib.ametsoc.org/manual/mod/directive-dict.html#Status>Experimental
Module: <http://shib.ametsoc.org/manual/mod/directive-dict.html#Module>
mod_ldap

The following types are supported:
DER_FILE - file in binary DER format
BASE64_FILE - file in Base64 format
CERT7_DB_PATH - Netscape certificate database file ")

Note: Add here:
          vi  /etc/http/conf.d/ca.conf

On Tue, Apr 14, 2015 at 7:49 PM, John Beaulaurier -X (jbeaulau - ADVANCED
NETWORK INFORMATION INC at Cisco) <jbeaulau@cisco.com> wrote:

>  Hello,
>
>
>
> We’re running Server version: Apache/2.0.63 that needs to be configured
> for LDAPS. I have run into an issue with the certificate directives.
>
>
>
> I have a .pem file with the trusted ca-certs, but when I configure
> httpd.conf to use it with the directives “LDAPTrustedCA /local/.pem” and
>  “LDAPTrustedCAType BASE64_FILE”
>
> The following error occurs.
>
>
>
> Syntax error on line 349 of /local/apache/conf/httpd.conf:
>
> LDAPTrustedCA not allowed here
>
>
>
> This is a directive for this Apache release, so I’m not sure why.
>
>
>
> Thanks
>
> -John
>
>
>

Mime
View raw message