[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#463278: apache2.2-common: mod_auth_ldap doesnt work with LDAPVerifyServerCert Off

Package: apache2.2-common
Version: 2.2.3-4+etch3
Severity: normal

The usage of 

	LDAPVerifyServerCert Off

does normally disable the verfication of valid SSL certificates, if an
auth-rule connect to a LDAP-server with ldaps://0.0.0.0:636/....

The debian package result with an entry in the slapd.log

Jan 30 18:37:25 hostname slapd[3087]: conn=3323 fd=14 ACCEPT from
IP=127.0.0.1:42555 (IP=0.0.0.0:636)
Jan 30 18:37:25 hostname slapd[3087]: conn=3323 fd=14 closed (TLS negotiation
failure)


The apache configuration is approved with other distros.
The auth-configuration works w/o SSL.
The ldapsearch-util does works with a SSL connection.



-- System Information:
Debian Release: 4.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.18-5-686-bigmem
Locale: LANG=de_DE@euro, LC_CTYPE=de_DE@euro (charmap=ISO-8859-15)

Versions of packages apache2.2-common depends on:
ii  apache2-utils              2.2.3-4+etch3 utility programs for webservers
ii  libmagic1                  4.17-5etch3   File type determination library us
ii  lsb-base                   3.1-23.2etch1 Linux Standard Base 3.1 init scrip
ii  mime-support               3.39-1        MIME files 'mime.types' & 'mailcap
ii  net-tools                  1.60-17       The NET-3 networking toolkit
ii  procps                     1:3.2.7-3     /proc file system utilities

apache2.2-common recommends no packages.

-- no debconf information
Reply to: