I have tried this same configuration on Windows Server 2003, as well as Windows XP workstation. The results are essentially the same, but the error is different:
[warn] [client 127.0.0.1] [3312] auth_ldap authenticate: user lizard authentication failed; URI / [LDAP: ldap_simple_bind_s() failed][Server Down] ... which actually seems less accurate, as the server isn't down - it just won't start an SSL connection. When trying to connect through to an openLDAP server, it only give a TLS accept failure error=-1 I assume this means that it tried to establish a connection over TLS/SSL, but the client (Apache ldap_mod) refused to cooperate. Looks like I'm stuck. Thx... HH On Tue, Feb 26, 2008 at 1:12 PM, Harry Holt <[EMAIL PROTECTED]> wrote: > > On Tue, Feb 26, 2008 at 12:41 PM, Udo Rader <[EMAIL PROTECTED]> > wrote: > > > > > On Tue, 2008-02-26 at 12:35 -0500, Harry Holt wrote: > > > Okay, apparently, with the binary distribution of Apache 2.2 for > > > Win32, it is not possible to initialize an SSL connection to an LDAP > > > server using mod_ldap and mod_authnz_ldap. > > > > > > During startup I get: > > > > > > [info] LDAP: SSL support unavailable: LDAP: CA certificates cannot be > > > set using this method, as they are stored in the registry instead. > > > > > > And if I try to initiate an SSL connection with an LDAP server I get: > > > > > > [warn] [client 127.0.0.1] [8048] auth_ldap authenticate: user vec02 > > > authentication failed; URI /svn [LDAP: an attempt to set LDAP_OPT_SSL > > > on failed.][Parameter Error] > > > > > > So, my questions: > > > > > > Am I crazy or is LDAP over SSL just not supported for this > > > distribution? and > > > > > > If I'm not crazy, is there a binary distribution of aprutil-1.dll that > > > will support this (that anyone knows of) or will I have to figure out > > > how to compile it myself? > > > > > > I appreciate any info and pointers. > > > > ... maybe you should start by posting some configuration excerpts? > > > > -- > > Udo Rader > > > > bestsolution.at EDV Systemhaus GmbH > > http://www.bestsolution.at > > > > > > > > > > > -- Harry Holt, PMP
