You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@httpd.apache.org by SAQIB <sa...@seagate.com> on 2003/05/10 15:58:28 UTC
[users@httpd] LDAPTrustedCA and LDAPTrustedCAType
Hello everybody,
I am trying to get the LDAP over SSL working on Apache 2.x
The online documentation has the following two directive listed:
LDAPTrustedCA
LDAPTrustedCAType
to specify the CERT DB and CERT TYPE
So I added the following to my httpd.conf file:
...........
LDAPTrustedCA /usr/local/apache2/sslcert/cert7.db
LDAPTrustedCAType CERT7_DB_PATH
-----------
However, when I start apache I get the following msg in the error log:
..............
[Sat May 10 06:21:16 2003] [notice] LDAP: Built with OpenLDAP LDAP SDK
[Sat May 10 06:21:16 2003] [crit] LDAP: Invalid LDAPTrustedCAType
directive - BASE64_FILE type required
[Sat May 10 06:21:16 2003] [warn] LDAP: SSL initialization failed
[Sat May 10 06:21:16 2003] [notice] LDAP: SSL support unavailable
[Sat May 10 06:21:16 2003] [notice] Apache/2.0.45 (Unix) mod_ssl/2.0.45
OpenSSL/0.9.7b DAV/2 configured -- resuming normal operations
--------------
and here is my configure line:
./configure --enable-so --enable-mods-shared="ldap auth-ldap" --with-ldap
--with-auth-ldap --with-ldap-lib=/usr/local/iplanet-ldap-sdk.5/
--with-ldap-include=/usr/local/iplanet-ldap-sdk.5/
--with-ssl=/usr/local/ssl --enable-ssl --enable-rewrite --enable-dav
Any one has any ideas why I am getting this error message?
P.S. My cert7.db is not corrupted, I tested it with IPlanet's ldapsearch
utility.
Thanks
Saqib Ali
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org
Re: [users@httpd] LDAPTrustedCA and LDAPTrustedCAType (mod_auth_ldap issues)
Posted by SAQIB <sa...@seagate.com>.
Hello everybody,
I compiled apache using the following configure:
./configure --enable-so --enable-mods-shared="ldap auth-ldap" --with-ldap
--with-auth-ldap --with-ldap-lib=/usr/local/iplanet-ldap-sdk.5/
--with-ldap-include=/usr/local/iplanet-ldap-sdk.5/
--with-ssl=/usr/local/ssl --enable-ssl --enable-rewrite --enable-dav
i.e. I specified the configure to use the iplanet SDK under
/usr/local/iplanet-ldap-sdk.5
However the error logs say:
> [Sat May 10 06:21:16 2003] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Sat May 10 06:21:16 2003] [crit] LDAP: Invalid LDAPTrustedCAType
> directive - BASE64_FILE type required
> [Sat May 10 06:21:16 2003] [warn] LDAP: SSL initialization failed
> [Sat May 10 06:21:16 2003] [notice] LDAP: SSL support unavailable
> [Sat May 10 06:21:16 2003] [notice] Apache/2.0.45 (Unix) mod_ssl/2.0.45
> OpenSSL/0.9.7b DAV/2 configured -- resuming normal operations
LDAP was built with OpenLDAP SDK
I m not sure where Apache is getting OpenLDAP from? Shouldnt it say LDAP:
Built with IPlanet LDAP SDK?
Any ideas?
Thanks
Saqib Ali
http://www.cheetahdrives.com/
On Sat, 10 May 2003, SAQIB wrote:
>
> Hello everybody,
>
> I am trying to get the LDAP over SSL working on Apache 2.x
>
> The online documentation has the following two directive listed:
> LDAPTrustedCA
> LDAPTrustedCAType
>
> to specify the CERT DB and CERT TYPE
>
> So I added the following to my httpd.conf file:
> ...........
> LDAPTrustedCA /usr/local/apache2/sslcert/cert7.db
> LDAPTrustedCAType CERT7_DB_PATH
> -----------
>
> However, when I start apache I get the following msg in the error log:
>
> ..............
> [Sat May 10 06:21:16 2003] [notice] LDAP: Built with OpenLDAP LDAP SDK
> [Sat May 10 06:21:16 2003] [crit] LDAP: Invalid LDAPTrustedCAType
> directive - BASE64_FILE type required
> [Sat May 10 06:21:16 2003] [warn] LDAP: SSL initialization failed
> [Sat May 10 06:21:16 2003] [notice] LDAP: SSL support unavailable
> [Sat May 10 06:21:16 2003] [notice] Apache/2.0.45 (Unix) mod_ssl/2.0.45
> OpenSSL/0.9.7b DAV/2 configured -- resuming normal operations
> --------------
>
> and here is my configure line:
> ./configure --enable-so --enable-mods-shared="ldap auth-ldap" --with-ldap
> --with-auth-ldap --with-ldap-lib=/usr/local/iplanet-ldap-sdk.5/
> --with-ldap-include=/usr/local/iplanet-ldap-sdk.5/
> --with-ssl=/usr/local/ssl --enable-ssl --enable-rewrite --enable-dav
>
> Any one has any ideas why I am getting this error message?
>
> P.S. My cert7.db is not corrupted, I tested it with IPlanet's ldapsearch
> utility.
>
>
> Thanks
> Saqib Ali
>
---------------------------------------------------------------------
The official User-To-User support forum of the Apache HTTP Server Project.
See <URL:http://httpd.apache.org/userslist.html> for more info.
To unsubscribe, e-mail: users-unsubscribe@httpd.apache.org
" from the digest: users-digest-unsubscribe@httpd.apache.org
For additional commands, e-mail: users-help@httpd.apache.org