[Fedora-directory-users] Admin server TLS error
Rob Crittenden
rcritten at redhat.com
Wed Jun 7 15:41:52 UTC 2006
Matthias Saou wrote:
> Jeff Gamsby wrote :
>
>> I'm not sure it f this will work.
>> Try NSSEngine off in admin-serv/config/console.conf?
>
> Nope. It's already off. I've looked at all the files in that directory
> and simply can't figure out why it's trying to connect to the FDS using
> TLS nor how to revert that behavior to the previous one.
>
> Other suggestions are welcome.
>
> Matthias
Right, console.conf configures the HTTP admin server itself, not the
communication between the two servers.
You need to edit /opt/fedora-ds/shared/config/dbswitch.conf and set it
to ldap:// and port 389 (or whatever your non-secure port is). It worked
in my quickie test anyway.
rob
>
>> Matthias Saou wrote:
>>> Hi,
>>>
>>> I'm setting up FDS 1.0.2 on RHEL4 x86_64, and everything was going
>>> rather well, until I started trying to use SSL/TLS everywhere.
>>>
>>> Following the instructions in the Wiki I got the certificates created
>>> and installed using the provided script. I can now see the FDS
>>> listening on port 636. But I think I also enabled SSL or TLS for the
>>> admin server... which now refuses to start.
>>>
>>> All I see in the admin-serv/logs/error file is this :
>>>
>>> [Wed Jun 07 13:16:30 2006] [crit] buildUGInfo(): unable to initialize
>>> TLS connection to LDAP host ldap.mydomain port 636: 4
>>> [Wed Jun 07 13:16:30 2006] [crit] mod_admserv_post_config(): unable to
>>> build user/group LDAP server info:
>>> Configuration Failed
>>>
>>> And I really don't know how to fix this... I think I've really tried
>>> everything I could think of already. Setting the LogLevel to debug
>>> doesn't give any more useful output.
>>>
>>> Is there any way I can revert to a plain connection to port 389? I
>>> don't really understand the problem in the first place since I've put
>>> this in adm.conf but it didn't change the error :
>>>
>>> ldapHost: ldap.mydomain
>>> ldapPort: 389
>>>
>>> Matthias
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20060607/003a4689/attachment.bin>
More information about the 389-users
mailing list