logo
Apache Lounge
Webmasters

 


About

Forum Index Downloads Search Register Log in  RSS Apache Lounge
 


Keep Server Online

If you find the Apache Lounge, the downloads and overall help useful, please express your satisfaction with a donation.

or

Bitcoin

A donation makes a contribution towards the costs, the time and effort that's going in this site and building.

Thank You! Steffen

Apache Lounge is not sponsored.

Your donations will help to keep this site alive and well, and continuing building binaries.



ldaps with httpd-2.4 Inertnal Error

 
Post new topic   Reply to topic    Apache Forum Index -> Apache



View previous topic :: View next topic  
Author Message
aladdin4483



Joined: 19 Oct 2018
Posts: 2
Location: IVRY SUR SEINE

PostPosted: Fri 19 Oct '18 11:25    Post subject: ldaps with httpd-2.4 Inertnal Error Reply with quote

Hi,

any help about this Error Plz:

The server encountered an internal error or misconfiguration and was unable to complete your request.

conf ssl.conf

SetHandler server-status
Order Deny,Allow
Deny from all
AuthType Basic
AuthName "MyServer"
AuthBasicProvider ldap
#AuthLDAPBindDN cn=admin,dc=test,dc=net
#AuthLDAPBindPassword XXXX
AuthLDAPCompareDNOnServer Off
AuthLDAPURL ldaps://localhos/
#AuthzLDAPAuthoritative off
AuthUserFile /dev/null
Require valid-user
Satisfy any

Thnx!!
Back to top
mraddi



Joined: 27 Jun 2016
Posts: 72
Location: Schömberg, Baden-Württemberg, Germany

PostPosted: Fri 19 Oct '18 14:16    Post subject: Reply with quote

Hello,

- do you already have checked your configuration with "httpd -t" or "httpd -S"?
- do you have included all needed apache-modules?
- is your LDAP-server's hostname really "localhos" without "t"? Wink
- as you are using ldapS: have you ensured that your Apache trusts the LDAP-server's certificate? Maybe you can use ldap for troubleshooting?
- maybe the configuration I have used (within a .htaccess) can help (but is only using ldap instead of ldapS)?
Code:
AuthType Basic
AuthName "Test ldap"
AuthBasicProvider ldap
AuthLDAPBindDN "cn=admin,dc=example,dc=org"
AuthLDAPBindPassword *****
AuthLDAPRemoteUserIsDn On
AuthLDAPUrl ldap://localhost:389/dc=example,dc=org
LDAPReferrals Off
Back to top
aladdin4483



Joined: 19 Oct 2018
Posts: 2
Location: IVRY SUR SEINE

PostPosted: Fri 19 Oct '18 14:29    Post subject: Reply with quote

hello,

Using LDAP --> OK
Using htacces --> OK

i tested sertificat server by openssl -connet localhost:636 it's verified OK Wink
Back to top
mraddi



Joined: 27 Jun 2016
Posts: 72
Location: Schömberg, Baden-Württemberg, Germany

PostPosted: Fri 19 Oct '18 15:08    Post subject: Reply with quote

Hello,

if I understand correctly when using only ldap it is working, when using ldapS it is not working?

As "openssl s_client ..." normally does not check the complete validity of the certificate (issuer trusted? cn matching requesting hostname? current date/time between "not valid before" and "not valid after"?) this is not a sufficient test. Sad

- Could you check that the cn or the SAN (subject alternate name) contains "localhost" as your configuration contains this hostname within the ldap-URL?
- Can you verify (maybe with a tcpdump) that the connection is established correctly and not dropped/canceled due to a certificate error (because of untrusted CA or non-matching-hostname)?
Back to top


Post new topic   Reply to topic    Apache Forum Index -> Apache
Page 1 of 1