OPNsense
  • Home
  • Help
  • Search
  • Login
  • Register

  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • LDAP connection using SSL-Encryption problem
« previous next »
  • Print
Pages: 1 [2]

Author Topic: LDAP connection using SSL-Encryption problem  (Read 7947 times)

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #15 on: August 11, 2018, 07:53:15 am »
i get the following error:


"LDAP bind error (Can't contact LDAP server)"

Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #16 on: August 11, 2018, 08:18:51 pm »
trying to use SartTLS to see if it works or nor :|
Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #17 on: August 11, 2018, 10:30:53 pm »
Quote from: alone_k1 on August 11, 2018, 08:18:51 pm
trying to use SartTLS to see if it works or nor :|


i followed the following configuration:
https://www.digitalocean.com/community/tutorials/how-to-encrypt-openldap-connections-using-starttls

but it dosen't work either :|||
« Last Edit: August 11, 2018, 10:33:36 pm by alone_k1 »
Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #18 on: August 12, 2018, 04:13:29 am »
http://s9.picofile.com/d/8334218126/903a6e02-a042-47b6-ae56-f86e4567acf3/ldap.mp4
Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #19 on: August 12, 2018, 04:15:03 am »
honesty, OPNSense is full of un-patched bugs
Logged

cordel

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #20 on: August 12, 2018, 04:24:33 am »
Was using ssl transport working prior to upgrade to 18.7?
If so, there have been some changes in how authentication is configured in 18.7 release as noted in the release notes. I think notes on these particular changes should have been towards the top of the notes and in Bold to bring better attention to them, but they are there none the less.
 
Check under System -> Administration -> Authentication and insure you have all your LDAP servers checked, and also select "Local Database" if you want local fallback.

Used to be that you could only select two items, primary and fallback.
Also there are some slight changes/additions in Secure Shell configuration, as well as Users Configuration that may need some attention if your upgrading from 18.1 to 18.7.
Logged

cordel

  • Newbie
  • *
  • Posts: 2
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #21 on: August 12, 2018, 06:34:37 am »
Quote from: alone_k1 on August 11, 2018, 08:18:51 pm
trying to use SartTLS to see if it works or nor :|

You should check through all your steps, as I have working SSL and had no issue switching to StartTLS using OPNsense 18.7.

I have been personally using ldaps:// since OPNsense version 15 with no unexpected issues.

Make sure your client url is supported by your certificate on the server as the IP and/or url should be configured in alt names or else it will fail security checks.
Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #22 on: August 12, 2018, 07:27:35 am »
thanks, i'll check the entire of process again, as i did it for 4-5 times before.
Logged

alone_k1

  • Newbie
  • *
  • Posts: 19
  • Karma: 0
    • View Profile
Re: LDAP connection using SSL-Encryption problem
« Reply #23 on: August 12, 2018, 06:12:19 pm »
Quote from: cordel on August 12, 2018, 06:34:37 am
Quote from: alone_k1 on August 11, 2018, 08:18:51 pm
trying to use SartTLS to see if it works or nor :|

You should check through all your steps, as I have working SSL and had no issue switching to StartTLS using OPNsense 18.7.

I have been personally using ldaps:// since OPNsense version 15 with no unexpected issues.

Make sure your client url is supported by your certificate on the server as the IP and/or url should be configured in alt names or else it will fail security checks.


cordel may you check your private messages please? i've sent you a private message asking about direct speaking, i need your help indeed ,
thanks
« Last Edit: August 12, 2018, 06:54:19 pm by alone_k1 »
Logged

  • Print
Pages: 1 [2]
« previous next »
  • OPNsense Forum »
  • Archive »
  • 18.7 Legacy Series »
  • LDAP connection using SSL-Encryption problem
 

OPNsense is an OSS project © Deciso B.V. 2015 - 2023 All rights reserved
  • SMF 2.0.19 | SMF © 2021, Simple Machines
    Privacy Policy
    | XHTML | RSS | WAP2