View Issue Details
ID | Project | Category | View Status | Date Submitted | Last Update |
---|---|---|---|---|---|
0002730 | SOGo | Backend General | public | 2014-04-22 19:14 | 2016-03-16 14:11 |
Reporter | Pegasus | Assigned To | ludovic | ||
Priority | normal | Severity | minor | Reproducibility | always |
Status | closed | Resolution | suspended | ||
Platform | [Server] Linux | OS | Debian | OS Version | 7 (Wheezy) |
Product Version | 2.2.3 | ||||
Summary | 0002730: LDAPS in hostname URL field in SOGoUserSources does not work | ||||
Description | According to the 2.2.3 documentation, I should be able to use a URL in the form "ldaps://fully.qualified.domain.name" in the 'hostname' field of SOGoUserSources, and I can; however, SOGo proceeds to talk on the wrong port number (389) instead of 686. If I force the port using the deprecated 'port' field, it connects on the correct port but still can't authenticate. The LDAP server is fine, as I can authenticate using LDAPS and the same bind DN & password using another method (Apache Directory Studio), and I can authenticate fine with no encryption. | ||||
Steps To Reproduce | 1) Configure sogo.conf with: 2) Restart SOGo and attempt to log in with valid or even invalid credentials | ||||
Additional Information | Apr 22 19:12:31 sogod [11831]: [ERROR] <0x0x7f1eef03cf30[LDAPSource]> Could not bind to the LDAP server ldaps://server.sub.example.com (389) using the bind DN: CN=SOGo,CN=Users,DC=ad,DC=example,DC=com | ||||
Tags | No tags attached. | ||||
FWIW, using "ldap://fully.qualified.domain.name????!StartTLS" does work, though I don't see a way to tell if it's really using an encrypted connection. I can put garbage instead of 'StartTLS' in the URL and it still connects, so I suspect it's not really encrypting even with it spelled correctly. |
|
What does your LDAP log show while connecting? |
|
hostname = "ldaps://server.sub.example.com:636"; should do the trick. That will be LDAP over SSL. If you want to use TLS, you should use: hostname = "ldap://server.sub.example.com/????!StartTLS"; |
|
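
A static check for the `hostname` values discussed in this thread, as an added example that is not part of the original issue or of SOGo's code: it parses the URL with the RFC 4516 field layout and reports the port and transport the URL asks for. It says nothing about how SOGo itself parses the value; `inspect_ldap_url` and `KNOWN_EXTENSIONS` are names made up for this example, and the last sample URL is constructed.

```python
from urllib.parse import unquote

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # registered default ports
KNOWN_EXTENSIONS = {"starttls"}  # name taken from the URLs quoted on this page

def inspect_ldap_url(url):
    """Report transport settings implied by an LDAP URL laid out per RFC 4516."""
    scheme, sep, rest = url.partition("://")
    scheme = scheme.lower()
    if not sep or scheme not in DEFAULT_PORTS:
        raise ValueError("not an ldap:// or ldaps:// URL: %r" % url)
    warnings = []
    # The authority ends at the first "/" or "?"; RFC 4516 only allows "/".
    cut = min((i for i in (rest.find("/"), rest.find("?")) if i != -1),
              default=len(rest))
    authority, tail = rest[:cut], rest[cut:]
    if tail.startswith("?"):
        warnings.append("'?' fields follow the host without the required '/'")
    host, colon, port_text = authority.rpartition(":")
    if not colon or port_text.endswith("]"):  # no port, or a bare IPv6 literal
        host, port_text = authority, ""
    port = int(port_text) if port_text else DEFAULT_PORTS[scheme]
    if scheme == "ldaps" and not port_text:
        warnings.append("no explicit port; write :636 so the client cannot pick 389")
    if scheme == "ldaps" and port == 389:
        warnings.append("ldaps:// on 389, the default port for plaintext LDAP")
    # Fields after the "/": dn ? attributes ? scope ? filter ? extensions
    fields = (tail[1:] if tail.startswith("/") else tail).split("?")
    raw_exts = fields[4].split(",") if len(fields) > 4 and fields[4] else []
    names = []
    for ext in raw_exts:
        name = unquote(ext.lstrip("!")).partition("=")[0].lower()
        names.append(name)
        if name not in KNOWN_EXTENSIONS:
            kind = "critical" if ext.startswith("!") else "optional"
            warnings.append("unrecognised %s extension %r" % (kind, name))
    if scheme == "ldaps":
        transport = "tls-on-connect"
    elif "starttls" in names:
        transport = "starttls"
    else:
        transport = "plaintext"
        warnings.append("no TLS requested: bind DN and password cross the wire in clear")
    return {"host": host, "port": port, "transport": transport, "warnings": warnings}

if __name__ == "__main__":
    for sample in ("ldaps://server.sub.example.com",          # from the report
                   "ldaps://server.sub.example.com:636",      # from the reply
                   "ldap://server.sub.example.com/????!StartTLS",
                   "ldap://fully.qualified.domain.name????!garbage"):  # constructed
        print(sample, "->", inspect_ldap_url(sample))
```

RFC 4516 requires a client that does not implement an extension marked critical with `!` to refuse the URL, which is why the check flags any extension name other than the one quoted in this thread.
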
Date Modified | Username | Field | Change |
---|---|---|---|
2014-04-22 19:14 | Pegasus | New Issue | |
2014-04-22 19:18 | Pegasus | Note Added: 0006951 | |
2014-04-22 19:23 | Pegasus | Note Edited: 0006951 | |
2014-05-20 15:53 | Christian Mack | Note Added: 0007055 | |
2014-05-23 15:46 | ludovic | Note Added: 0007100 | |
2015-06-11 13:02 | ludovic | Status | new => closed |
2015-06-11 13:02 | ludovic | Assigned To | => ludovic |
2015-06-11 13:02 | ludovic | Resolution | open => suspended |