시스템은 ubuntu입니다.
Trac 서버들을 OpenLDAP + Webmin에 연동해서 잘 사용하고 있습니다.
문제는 Trac 서버끼리 다시 로그인하지 않고도 오갈 수 있게 해 달라는 요구사항이 있어서, 지금 며칠째 삽질하고 있다는 것입니다.
너무 답답하여 찾아왔습니다. 고수님들의 조언 부탁드립니다.
system = ubuntu입니다.
현재 Trac 서버에 openldap 으로 사용자 인증을 처리하고 있습니다.
openldap + ssl하면 에러가 생기네요 ..;
문서는 우분투 문서들을 보고 하고 있습니다. 개인적으로 필요하시다면 메일 주시면 모아놓은 문서들을 드리겠습니다 ..
셋팅은 다음과 같이 했습니다.
slapd.conf
# Schema definitions loaded by slapd; every file is read from /etc/ldap/schema.
include /etc/ldap/schema/core.schema
include /etc/ldap/schema/cosine.schema
include /etc/ldap/schema/inetorgperson.schema
include /etc/ldap/schema/nis.schema
include /etc/ldap/schema/openldap.schema
include /etc/ldap/schema/collective.schema
include /etc/ldap/schema/corba.schema
include /etc/ldap/schema/duaconf.schema
include /etc/ldap/schema/dyngroup.schema
include /etc/ldap/schema/java.schema
include /etc/ldap/schema/misc.schema
include /etc/ldap/schema/nadf.schema
include /etc/ldap/schema/ppolicy.schema
# One database on the bdb backend, serving the suffix below.
database bdb
suffix dc=slave,dc=infraware,dc=net
# rootdn is the administrator DN for this database; it is not subject to access control.
rootdn cn=admin,dc=slave,dc=infraware,dc=net
# The value is masked in the post.
# NOTE(review): if the real value is cleartext, replace it with a hash from slappasswd
# and keep this file unreadable to ordinary users.
rootpw ********
directory /var/lib/ldap
# TLS material: CA certificate, server certificate and private key all point at the
# same file, /etc/ldap/ssl/slapd.pem.
# NOTE(review): that file therefore holds the private key. It must be readable by the
# account slapd runs as and by nobody else, and it must not be the file handed to
# clients as their trusted CA. A separate CA certificate file is safer.
# NOTE(review): these directives only configure TLS. Whether slapd accepts ldaps:// on
# port 636 depends on the listener URLs given at startup (slapd -h), not shown here.
# NOTE(review): slapd.conf(5) lays out global options before the first database
# section; confirm these TLS lines are honoured in this position, and check slapd's
# own log for certificate or key load errors.
TLSCACertificateFile /etc/ldap/ssl/slapd.pem
TLSCertificateFile /etc/ldap/ssl/slapd.pem
TLSCertificateKeyFile /etc/ldap/ssl/slapd.pem
/etc/ldap/ldap.conf
# Defaults for the OpenLDAP client tools (e.g. ldapsearch) when -b / -H are not given.
BASE dc=slave,dc=infraware,dc=net
# ldaps:// selects TLS from the start of the connection; the trace in this post
# resolves it to port 636.
# NOTE(review): no TLS_CACERT appears in the lines shown. Without a trusted CA the
# client cannot verify the server certificate; confirm what the full file sets.
URI ldaps://slave.infraware.net
/etc/ldap.conf
# Same search base as /etc/ldap/ldap.conf.
base dc=slave,dc=infraware,dc=net
# The server is addressed by IP literal here, while /etc/ldap/ldap.conf uses the host name.
# NOTE(review): certificate name checks compare against the host in the URI.
# Presumably the certificate names slave.infraware.net rather than the IP; confirm.
uri ldaps://211.45.70.6:636
# allow: the session proceeds even when the server presents no certificate or one that
# fails verification, so the server's identity is not authenticated. Switch to demand
# once the CA certificate is trusted on this host.
# NOTE(review): TLS_REQCERT is an ldap.conf(5) option; whether the consumer of
# /etc/ldap.conf honours it is not visible here. Confirm.
TLS_REQCERT allow
ldap_version 3
# DN used for binds made on behalf of root; it is the same DN as rootdn in the slapd
# configuration shown in this post.
# NOTE(review): a dedicated DN with only the rights it needs would keep the directory
# administrator credential off client hosts.
rootbinddn cn=admin,dc=slave,dc=infraware,dc=net
이제부터가 문제입니다.
root@slave:/usr/share/migrationtools# ldapsearch -xLL
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
root@slave:/usr/share/migrationtools#
root@slave:/usr/share/migrationtools# ldapsearch -d -1 -H ldaps://slave.infraware.net -b dc=slave,dc=infraware,dc=net -x
ldap_url_parse_ext(ldaps://slave.infraware.net)
ldap_create
ldap_url_parse_ext(ldaps://slave.infraware.net:636/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP slave.infraware.net:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 211.45.70.6:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
tls_write: want=93, written=93
0000: 16 03 02 00 58 01 00 00 54 03 02 4a 36 03 29 79 ....X...T..J6.)y
0010: 09 d1 ca 57 58 5a 39 7b bb 3f dc 6d ae 43 74 da ...WXZ9{.?.m.Ct.
0020: b0 24 1c 08 e0 fe a3 d1 c2 a3 70 00 00 24 00 33 .$........p..$.3
0030: 00 45 00 39 00 88 00 16 00 32 00 44 00 38 00 87 .E.9.....2.D.8..
0040: 00 13 00 66 00 2f 00 41 00 35 00 84 00 0a 00 05 ...f./.A.5......
0050: 00 04 01 00 00 07 00 09 00 03 02 00 01 .............
tls_read: want=5, got=0
TLS: can't connect: A TLS packet with unexpected length was received..
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
root@slave:/usr/share/migrationtools#
조언 부탁드립니다.