Bug #5414

LDAP + TLS is not LDAP + TLS but LDAP + SSL

Added by Yann Cezard almost 5 years ago. Updated 8 months ago.

Status: Closed
Priority: Low
Assignee:
Category: Authentication
Target version:
Difficulty: trivial
Triaged:
Bugzilla link:
Pull request:
Team Backlog:
Fixed in Releases:
Found in Releases:

Description

Hi,

Today I configured our OpenLDAP server as a login source for Foreman.
I checked the TLS checkbox, and found out it wasn't working. Without it, all was working fine.
There was an SSL error: The problem was solved by changing the port to 636 instead of 389.
In fact the LDAP auth backend doesn't use TLS, but SSL (aka LDAPS) and not LDAP+TLS (the Ruby net/ldap module does not seem to support real TLS: http://net-ldap.rubyforge.org/Net/LDAP.html#method-i-encryption).

I think that the label should be changed to "SSL" or "LDAPS", or perhaps you should use the ldap:// ldaps:// syntax to be more clear?
No big deal, of course, but it could save some time for users who will check their config several times before understanding the problem.

Best regards,
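
The mismatch the report describes, as an added example (not Foreman's or net-ldap's code): net-ldap's `:simple_tls` opens with a TLS ClientHello, which an LDAP listener on port 389 cannot parse, while `:start_tls` opens with an LDAP ExtendedRequest and upgrades afterwards. The byte strings are constructed samples, and the port-to-listener mapping assumes the conventional 389/636 assignment.

```ruby
# Added example, not Foreman or net-ldap code. Byte strings are constructed samples.
STARTTLS_OID = "1.3.6.1.4.1.1466.20037".b # StartTLS request name (RFC 4511)

# BER-encode an LDAP StartTLS ExtendedRequest (short-form lengths, id < 128).
def starttls_request(message_id = 1)
  name = [0x80, STARTTLS_OID.bytesize].pack("CC") + STARTTLS_OID # [0] requestName
  ext  = [0x77, name.bytesize].pack("CC") + name                 # [APPLICATION 23]
  body = [0x02, 0x01, message_id].pack("CCC") + ext              # INTEGER messageID
  [0x30, body.bytesize].pack("CC") + body                        # LDAPMessage SEQUENCE
end

# First bytes a client sends for each net-ldap encryption method (nil = none).
def first_bytes_for(encryption)
  case encryption
  when :simple_tls then "\x16\x03\x01\x00\x2f\x01".b # TLS record header + ClientHello type
  when :start_tls  then starttls_request
  when nil # anonymous simple bind, sent in cleartext
    "\x30\x0c\x02\x01\x01\x60\x07\x02\x01\x03\x04\x00\x80\x00".b
  else raise ArgumentError, "unknown encryption #{encryption.inspect}"
  end
end

# Tell a TLS handshake apart from LDAP BER, and StartTLS from a plain request.
def classify_first_bytes(bytes)
  b = bytes.b
  return :tls_client_hello if b.getbyte(0) == 0x16 && b.getbyte(1) == 0x03
  return :unknown unless b.getbyte(0) == 0x30
  b.include?(STARTTLS_OID) ? :ldap_starttls : :ldap_cleartext
end

# Compare what the client sends with what the conventional listener parses.
def diagnose(port, encryption)
  sent = classify_first_bytes(first_bytes_for(encryption))
  listener = { 389 => :ldap, 636 => :tls }.fetch(port, :unknown)
  handshake_ok = case listener
                 when :tls  then sent == :tls_client_hello
                 when :ldap then sent != :tls_client_hello
                 end # nil on non-standard ports: check the server's listener config
  { sent: sent, handshake_ok: handshake_ok, tls_requested: sent != :ldap_cleartext }
end
```

`diagnose(389, nil)` reports a working handshake with `tls_requested: false`: the connection succeeds only because nothing on it is encrypted.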


Related issues

Related to Foreman - Bug #7003: Unable to connect to AD through ldap login module (Closed, 2014-08-08)

Associated revisions

Revision 42163f86 (diff)
Added by Ori Rabin over 4 years ago

fixes #5414: LDAP + TLS is not LDAP + TLS but LDAP + SSL and changed port automatically on check

History

#1 Updated by Ori Rabin over 4 years ago

  • Assignee set to Ori Rabin

#2 Updated by Ohad Levy over 4 years ago

  • Target version set to 1.8.1
  • Legacy Backlogs Release (now unused) set to 10

#3 Updated by Dominic Cleal over 4 years ago

  • Status changed from New to Ready For Testing

#4 Updated by Ori Rabin over 4 years ago

  • Status changed from Ready For Testing to Closed
  • % Done changed from 0 to 100

#5 Updated by Dominic Cleal over 4 years ago

  • Related to Bug #7003: Unable to connect to AD through ldap login module added
