httpd cannot connect via TLS to LDAP server after upgrade to fedora 14
Michael Cronenworth
mike at cchtml.com
Mon Jan 31 21:14:23 UTC 2011
Ldap Tester wrote:
> I don't know if this is a problem with httpd's mod_authnz_ldap
> or its mod_ldap or with openldap, or just a configuration mistake
> on my part, but it used to work before the upgrade.
> I have searched all over for an answer to this problem
> because I can't believe that I am the only one having it,
> but I have found nothing.
> I welcome any ideas.
Fedora 14 had an undocumented feature where OpenLDAP switched from using
OpenSSL to NSS. NSS isn't a mature or bugfree library and each time core
utilities are switched to it (curl for example) NSS bugs spout their
ugly heads. I'm not sure where the drive to use NSS-for-everything comes
from, but that is for a separate thread.
As for your issue, with this change, defaults changed.
If any Red Hat NSS guy is listening, it would be nice to have your
future work documented as a Fedora feature. Not only would you get
recognition but there could be testing and documentation to go along
with your new feature.
More information about the users
mailing list