LDAP cuts out half the time with SSL
-
So I'm trying to set up logins using LDAP with SSL, but it only authorises half the time. If I change it to TCP it works all the time. Can anyone help me? I'm running LDAP on a Windows Server 2012 and I'm using pfSense v2.4.4-RELEASE.
-
What do the logs show at each end when it fails?
https://www.netgate.com/docs/pfsense/usermanager/ldap-troubleshooting.html
Steve
-
First, enable SSL and then run option 16 and then 11 from the ssh or console menu to make sure that LDAP has a clean SSL environment.
Any time you change SSL options some of the old SSL info may be left in the running environment. Using 16/11 clears that and gives it a fresh start. PHP finally added a way we might be able to work around that, but we aren't quite at a point where we have time to go back and reconvert the LDAP SSL setup to use the new settings right this moment.
-
@stephenw10
This is what I see on pfSense -
@jimp That didn't help.
-
Ok, so it couldn't connect to the server at all. Does the server log anything useful at that time?
But it doesn't fail like that all the time? And I assume the bind credentials don't change in between. Is that a single server or a failover of some sort?
Steve
-
In the end I managed to figure it out. It seems that the certificate is case sensitive, so once I fixed that it all works. The only thing I'm not sure about is why it worked sometimes before I fixed it.
Thank you for your help.