[rt-users] RT::Authen::ExternalAuth LDAPS
robdewhirst at gmail.com
Wed Mar 5 11:08:53 EST 2014
thanks, I should have clarified that LDAP over TLS on 389 is not an
option for us. We can only do LDAPS over 636.
On Tue, Mar 4, 2014 at 11:32 AM, ktm at rice.edu <ktm at rice.edu> wrote:
> TLS would still be over port 389 if it was being used.
> On Tue, Mar 04, 2014 at 11:29:48AM -0600, Dewhirst, Rob wrote:
>> I am successfully authenticating via LDAP (cleartext) over TCP 389
>> using RT::Authen::ExternalAuth
>> However, once I change:
>> Set($ExternalServiceUsesSSLorTLS, 1);
>> and in the ExternalSettings for My_LDAP:
>> 'tls' => 1,
>> 'ssl_version' => 3,
>> It still authenticates (successfully) over TCP 389.
>> I noticed someone else had a similar problem but was lacking
>> Net::SSLeay. Not my case here (I don't see how you can use Net::LDAP
>> without Net:SSLeay)
>> [root at rtir-test ~]# cpan -i Net::SSLeay
>> CPAN: Storable loaded ok (v2.20)
>> Reading '/root/.cpan/Metadata'
>> Database was generated on Mon, 03 Mar 2014 20:17:02 GMT
>> CPAN: Module::CoreList loaded ok (v2.18)
>> Net::SSLeay is up to date (1.58).
>> [root at rtir-test ~]#
>> I have debug logging enabled in RT, but it doesn't seem to tell me
>> anything useful since nothing is failing.
More information about the rt-users