> Thank you so much for your answer. But can you guide me where and how to add selfsign certificate in the keystore file?
>Ive tried use ldap with port 389. CAS is loaded, but when im trying to login with my username and password its return error. LDAP: error code 8 - BindSimple: Transport encryption required On Friday, July 12, 2019 at 2:39:25 PM UTC+7, casuser wrote: > > You need to add the self sign certificate in thekeystore file of CAS, also > check of the port 636 is open or not. Actually you don't need ldaps for cas > authentication. Bellow is my ldap config which works for me. Check whether > your ports are open or not. > > cas.authn.ldap[0].principalAttributeList > =sAMAccountName,cn,givenName,memberOf,userPrincipalName,department,title,distinguishedName > cas.authn.ldap[0].collectDnAttribute=false > #cas.authn.ldap[0].principalDnAttributeName=sAMAccountName > # cas.authn.ldap[0].allowMultiplePrincipalAttributeValues=true > # cas.authn.ldap[0].allowMissingPrincipalAttributeValue=true > #cas.authn.ldap[0].credentialCriteria= > cas.authn.ldap[0].ldapUrl=ldap://myldap:389 > cas.authn.ldap[0].bindDn=CN=myldapadmin,OU=admin,DC=example,DC=edu > cas.authn.ldap[0].bindCredential=mypass > cas.authn.ldap[0].minPoolSize=3 > cas.authn.ldap[0].maxPoolSize=10 > cas.authn.ldap[0].validateOnCheckout=true > cas.authn.ldap[0].validatePeriodically=true > cas.authn.ldap[0].validatePeriod=600 > #cas.authn.ldap[0].validateTimeout=PT5S > cas.authn.ldap[0].failFast=true > # cas.authn.ldap[0].idleTime=PT10M > # cas.authn.ldap[0].prunePeriod=PT2H > # cas.authn.ldap[0].blockWaitTime=PT3S > cas.authn.ldap[0].useSsl=false > cas.authn.ldap[0].useStartTls=false > #cas.authn.ldap[0].responseTimeout=PT5S > cas.authn.ldap[0].allowMultipleDns=false > #cas.authn.ldap[0].name= > cas.authn.ldap[0].type=AUTHENTICATED > cas.authn.ldap[0].baseDn=DC=example,DC=edu > cas.authn.ldap[0].subtreeSearch=true > cas.authn.ldap[0].searchFilter=sAMAccountName={user} > cas.authn.ldap[0].enhanceWithEntryResolver=true > #cas.authn.ldap[0].derefAliases=NEVER|SEARCHING|FINDING|ALWAYS > cas.authn.ldap[0].dnFormat=uid=%s,DC=example,DC=edu > #cas.authn.ldap[0].principalAttributePassword= > cas.authn.ldap[0].followReferrals=false > cas.authn.ldap[0].hostnameVerifier=ANY > > On Fri, Jul 12, 2019 at 2:54 PM Alex Samosir <[email protected] > <javascript:>> wrote: > >> Yes. Because Its in my local PC. >> >> On Friday, July 12, 2019 at 8:03:24 AM UTC+7, casuser wrote: >>> >>> Are you using a self signed certificate? >>> >>> >>> On Fri, Jul 12, 2019 at 12:12 AM Alex Samosir <[email protected]> >>> wrote: >>> >>>> Im trying to connect CAS with my LDAP Server. And im following The New >>>> School Tutorial by the way. >>>> But its no luck >>>> Im facing this error >>>> >>>> [image: ldaps.png] >>>> >>>> >>>> >>>> Ive already tried that configuration with my LDAP Browser >>>> And its success and connected >>>> >>>> >>>> [image: ldap browser.png] >>>> >>>> [image: LDAP BROWSER SUCCESS.png] >>>> here is my cas.properties >>>> >>>> cas.authn.ldap[0].order: 0 >>>> cas.authn.ldap[0].name: LDAP >>>> cas.authn.ldap[0].type: AUTHENTICATED >>>> cas.authn.ldap[0].ldapUrl: ldaps://10.2.2.64 >>>> cas.authn.ldap[0].validatePeriod: 270 >>>> #cas.authn.ldap[0].poolPassivator: BIND >>>> cas.authn.ldap[0].searchFilter: cn={user} >>>> cas.authn.ldap[0].baseDn: >>>> cn=Users,DC=app,DC=lkpp,DC=go,DC=id >>>> #cas.authn.ldap[0].dnFormat: >>>> cn=%s,CN=Users,DC=app,DC=lkpp,DC=go,DC=id >>>> >>>> cas.authn.ldap[0].bindDn:cn=Administrator,cn=Users,dc=app,dc=lkpp,dc=go,dc=id >>>> cas.authn.ldap[0].bindCredential:**************** >>>> >>>> any suggestion what I did wrong? >>>> >>>> -- >>>> - Website: https://apereo.github.io/cas >>>> - Gitter Chatroom: https://gitter.im/apereo/cas >>>> - List Guidelines: https://goo.gl/1VRrw7 >>>> - Contributions: https://goo.gl/mh7qDG >>>> --- >>>> You received this message because you are subscribed to the Google >>>> Groups "CAS Community" group. >>>> To unsubscribe from this group and stop receiving emails from it, send >>>> an email to [email protected]. >>>> To view this discussion on the web visit >>>> https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org >>>> >>>> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/17449e07-16ac-4650-8b38-9008603a15de%40apereo.org?utm_medium=email&utm_source=footer> >>>> . >>>> >>> >>> >>> -- >>> -Fazla. >>> >> -- >> - Website: https://apereo.github.io/cas >> - Gitter Chatroom: https://gitter.im/apereo/cas >> - List Guidelines: https://goo.gl/1VRrw7 >> - Contributions: https://goo.gl/mh7qDG >> --- >> You received this message because you are subscribed to the Google Groups >> "CAS Community" group. >> To unsubscribe from this group and stop receiving emails from it, send an >> email to [email protected] <javascript:>. >> To view this discussion on the web visit >> https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org >> >> <https://groups.google.com/a/apereo.org/d/msgid/cas-user/79e4a05b-07ab-4ca6-abae-ca5095edd10a%40apereo.org?utm_medium=email&utm_source=footer> >> . >> > > > -- > -Fazla. > -- - Website: https://apereo.github.io/cas - Gitter Chatroom: https://gitter.im/apereo/cas - List Guidelines: https://goo.gl/1VRrw7 - Contributions: https://goo.gl/mh7qDG --- You received this message because you are subscribed to the Google Groups "CAS Community" group. To unsubscribe from this group and stop receiving emails from it, send an email to [email protected]. To view this discussion on the web visit https://groups.google.com/a/apereo.org/d/msgid/cas-user/131b6d45-86eb-478a-a338-cc2709ccffee%40apereo.org.
