Cannot configure SSL for plugin

Jump to: navigation, search

Hi

I'm trying to use SSL in configuration file :


require_once( "$IP/extensions/LdapAuthentication/LdapAuthentication.php" );
$wgAuth = new LdapAuthenticationPlugin();
$wgLDAPUseLocal = "true";
$wgLDAPDebug = 99;
 
$wgLDAPDomainNames = array( "example");
$wgLDAPDisableAutoCreate = array("example"=>"true");
$wgLDAPUseSSL = array( "example"=>"true" );
$wgLDAPEncryptionType = array( "example" => "ssl");
$wgLDAPServerNames = array("example" => "127.0.0.1");
$wgLDAPPort = array("example" => "636");
$wgLDAPBaseDNs = array("example" => "dc=example,dc=com" );
....

But still I get in Apache logs

[Sun Oct 09 22:32:31 2011] [error] [client 127.0.0.1] PHP Warning: ldap_start_tls(): Unable to start TLS: Can't contact LDAP server in /usr/share/mediawiki/extensions/LdapAuthentication/LdapAuthentication.php on line 283

Why this reference to TLS as I want to use SSL ?

Thanks for advance

62.147.157.22220:42, 9 October 2011

What does you LDAPdebug log say?

132.177.40.16122:07, 28 October 2011
 

If you are going to use SSL, you can't use an IP address. Also, if you are going to use 127.0.0.1, what's the point of using SSL anyway? An attacker that has the ability to sniff that traffic also has the ability to decrypt the traffic using the private key anyway.

Ryan lane02:14, 2 December 2011

Let me clarify, if you are using SSL, the server name you use must match the CN field of the certificate sent by the LDAP server.

Ryan lane02:15, 2 December 2011
 
 
Retrieved from "http://www.mediawiki.org/wiki/Thread:Extension_talk:LDAP_Authentication/Cannot_configure_SSL_for_plugin#Cannot_configure_SSL_for_plugin_9395"
Personal tools

Variants
Actions
Navigation
Support
Download
Development
Communication
Toolbox