Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    LDAP cuts out half the time with ssl

    Scheduled Pinned Locked Moved General pfSense Questions
    7 Posts 3 Posters 855 Views 3 Watching
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • M Offline
      msudak
      last edited by

      So i'm trying to set up logins using ldap with SSL, but it only authorises half the time. If I change it to TCP it works all the time. can anyone help me. I'm running ldap on a windows server 2012 and im using pfsense v2.4.4-RELEASE

      1 Reply Last reply Reply Quote 0
      • stephenw10S Offline
        stephenw10 Netgate Administrator
        last edited by

        What do the logs show at each end when it fails?

        https://www.netgate.com/docs/pfsense/usermanager/ldap-troubleshooting.html

        Steve

        M 1 Reply Last reply Reply Quote 0
        • jimpJ Offline
          jimp Rebel Alliance Developer Netgate
          last edited by

          First, enable SSL and then run option 16 and then 11 from the ssh or console menu to make sure that LDAP has a clean SSL environment.

          Any time you change SSL options some of the old SSL info may be left in the running environment. Using 16/11 clears that and gives it a fresh start. PHP finally added a way we might be able to work around that, but we aren't quite at a point where we have time to go back and reconvert the LDAP SSL setup to use the new settings right this moment.

          Remember: Upvote with the 👍 button for any user/post you find to be helpful, informative, or deserving of recognition!

          Need help fast? Netgate Global Support!

          Do not Chat/PM for help!

          1 Reply Last reply Reply Quote 0
          • M Offline
            msudak @stephenw10
            last edited by

            @stephenw10 0_1540947013109_e7be7a14-bf5c-411a-8a29-7cbc16fa8a3d-image.png
            this is what i see on pfsense

            1 Reply Last reply Reply Quote 0
            • M Offline
              msudak
              last edited by

              @jimp that didnt help

              1 Reply Last reply Reply Quote 0
              • stephenw10S Offline
                stephenw10 Netgate Administrator
                last edited by

                Ok, so it couldn't connect to the server at all. Does the server log anything useful at that time?

                But it doesn't fail like that all the time? And I assume the bind credential don't change in between. Is that a single server or a failover of some sort?

                Steve

                1 Reply Last reply Reply Quote 0
                • M Offline
                  msudak
                  last edited by

                  In the end i managed to figure it out. It seems that the certificate is case sensitive so once i fixed that it all works. the only thing im not sure about is why it worked sometimes before i fixed it.

                  thank you for your help

                  1 Reply Last reply Reply Quote 0
                  • First post
                    Last post
                  Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.