LDAP and SSL

Added by Irina Boverman about 11 years ago

I am attempting to configure LDAP, my configuration is as follows:

bash-3.2$ RAILS_ENV=development script/about
GLoc v1.1 running in development mode. Strings can be modified at runtime.
About your application's environment
Ruby version 1.8.7 (x86_64-linux)
RubyGems version 1.3.1
Rails version 2.1.2
Active Record version 2.1.2
Action Pack version 2.1.2
Active Resource version 2.1.2
Action Mailer version 2.1.2
Active Support version 2.1.2
Edge Rails revision unknown
Application root .../redmine-0.8.1
Environment development
Database adapter mysql
Database schema version 101

I am using default port 389, and when trying to login I am getting this error:

OpenSSL::SSL::SSLError in AccountController#login

SSL_connect SYSCALL returned=5 errno=0 state=SSLv2/v3 read server hello A

RAILS_ROOT: /home/boston/iboverma/redmine-0.8.1
Application Trace | Framework Trace | Full Trace

vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1059:in `connect'
vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1059:in `setup_encryption'
vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:1025:in `initialize'
vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:638:in `new'
vendor/plugins/ruby-net-ldap-0.0.4/lib/net/ldap.rb:638:in `search'
app/models/auth_source_ldap.rb:42:in `authenticate'
app/models/user.rb:93:in `try_to_login'
app/controllers/account_controller.rb:49:in `login'

I do not want to use SSL/encryption to authenticate, how do I disable it?

Replies (6)

RE: LDAP and SSL - Added by Irina Boverman about 11 years ago

Can someone answer my question?

RE: LDAP and SSL - Added by Ludovic Alcala about 11 years ago

did you check the ldaps checkbox ?

RE: LDAP and SSL - Added by Irina Boverman about 11 years ago

Yes, I did. And when I unchecked it, it resolved the issue. Thanks.

RE: LDAP and SSL - Added by Ludovic Alcala about 11 years ago

You're welcome.

RE: LDAP and SSL - Added by Jack K. over 10 years ago

The title of this post says "LDAP and SSL".

By recommending to unchecked the LDAPS checkbox, your Redmine installation will connect to LDAP without SSL. -> Do not do this!

This justs cures the symptoms, not the problem.

I am using default port 389, and when trying to login I am getting this error: [...]

The default port is for LDAP without SSL. Port 636 is the correct port for LDAP with SSL (see your /etc/serveices file).

RE: LDAP and SSL - Added by Ludovic Alcala over 10 years ago

She said : I do not want to use SSL/encryption to authenticate, how do I disable it?

But sure, the use of ssl on ldap mode is recommended...

(1-6/6)