Ok, it's pretty basic:
ServerRoot "C:/Program Files/Apache Software Foundation/Apache2.2"
Listen 80
LoadModule actions_module modules/mod_actions.so
LoadModule alias_module modules/mod_alias.so
LoadModule asis_module modules/mod_asis.so
LoadModule auth_basic_module modules/mod_auth_basic.so
LoadModule authn_default_module modules/mod_authn_default.so
LoadModule authn_file_module modules/mod_authn_file.so
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule authz_dbm_module modules/mod_authz_dbm.so
LoadModule authz_default_module modules/mod_authz_default.so
LoadModule authz_groupfile_module modules/mod_authz_groupfile.so
LoadModule authz_host_module modules/mod_authz_host.so
LoadModule authz_owner_module modules/mod_authz_owner.so
LoadModule authz_user_module modules/mod_authz_user.so
LoadModule autoindex_module modules/mod_autoindex.so
#LoadModule dav_module modules/mod_dav.so
#LoadModule dav_svn_module modules/svn/mod_dav_svn.so
LoadModule dir_module modules/mod_dir.so
LoadModule env_module modules/mod_env.so
LoadModule include_module modules/mod_include.so
LoadModule isapi_module modules/mod_isapi.so
LoadModule ldap_module modules/mod_ldap.so
LoadModule log_config_module modules/mod_log_config.so
LoadModule mime_module modules/mod_mime.so
LoadModule negotiation_module modules/mod_negotiation.so
LoadModule setenvif_module modules/mod_setenvif.so
LoadModule ssl_module modules/mod_ssl.so
<IfModule !mpm_netware_module>
<IfModule !mpm_winnt_module>
User daemon
Group daemon
</IfModule>
</IfModule>
ServerAdmin [EMAIL PROTECTED]
DocumentRoot "D:/wwwroot/htdocs"
<IfModule dir_module>
DirectoryIndex index.html
</IfModule>
<FilesMatch "^\.ht">
Order allow,deny
Deny from all
Satisfy All
</FilesMatch>
ErrorLog "logs/error.log"
#LogLevel warn
LogLevel debug
<IfModule log_config_module>
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\" \"%{User-Agent}i\""
combined
LogFormat "%h %l %u %t \"%r\" %>s %b" common
<IfModule logio_module>
# You need to enable mod_logio.c to use %I and %O
LogFormat "%h %l %u %t \"%r\" %>s %b \"%{Referer}i\"
\"%{User-Agent}i\" %I %O" combinedio
</IfModule>
CustomLog "logs/access.log" common
</IfModule>
<IfModule alias_module>
ScriptAlias /cgi-bin/ "C:/Program Files/Apache Software
Foundation/Apache2.2/cgi-bin/"
</IfModule>
DefaultType text/plain
<IfModule mime_module>
TypesConfig conf/mime.types
AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz
</IfModule>
<IfModule ssl_module>
SSLRandomSeed startup builtin
SSLRandomSeed connect builtin
</IfModule>
# Certificate for conneccting to LDAP server (eDir)
# LDAPTrustedGlobalCert CA_DER conf/CACert.der
# LDAPTrustedMode SSL
#LDAPVerifyServerCert Off
<Directory "D:/wwwroot/htdocs">
AllowOverride All
Options FollowSymLinks Includes
Order allow,deny
Allow from all
</Directory>
# Subversion setup
<Location "/">
# LDAP Authentication & Authorization is final; do not check other
databases
AuthzLDAPAuthoritative OFF
AuthLDAPUrl ldaps://ldap.intranet.mysite/o=mysite?uid SSL
# Do basic password authentication (IN THE CLEAR!?) - no, not over SSL
AuthType Basic
AuthName "TEST Root directory"
AuthBasicProvider ldap
Require valid-user
</Location>
On Tue, Feb 26, 2008 at 12:41 PM, Udo Rader <[EMAIL PROTECTED]>
wrote:
>
> On Tue, 2008-02-26 at 12:35 -0500, Harry Holt wrote:
> > Okay, apparently, with the binary distribution of Apache 2.2 for
> > Win32, it is not possible to initialize an SSL connection to an LDAP
> > server using mod_ldap and mod_authnz_ldap.
> >
> > During startup I get:
> >
> > [info] LDAP: SSL support unavailable: LDAP: CA certificates cannot be
> > set using this method, as they are stored in the registry instead.
> >
> > And if I try to initiate an SSL connection with an LDAP server I get:
> >
> > [warn] [client 127.0.0.1] [8048] auth_ldap authenticate: user vec02
> > authentication failed; URI /svn [LDAP: an attempt to set LDAP_OPT_SSL
> > on failed.][Parameter Error]
> >
> > So, my questions:
> >
> > Am I crazy or is LDAP over SSL just not supported for this
> > distribution? and
> >
> > If I'm not crazy, is there a binary distribution of aprutil-1.dll that
> > will support this (that anyone knows of) or will I have to figure out
> > how to compile it myself?
> >
> > I appreciate any info and pointers.
>
> ... maybe you should start by posting some configuration excerpts?
>
> --
> Udo Rader
>
> bestsolution.at EDV Systemhaus GmbH
> http://www.bestsolution.at
>
>
> >
>
--
Harry Holt, PMP
