This is related to the question I asked last week. The issue is that suddenly, my Apache server was unable to connect to my LDAP (Active Directory) server for sites that require authentication. After much digging, I discovered that the SSL certificate for the LDAP/AD server expired when this happened. I have been trying to create a new SSL cert for the LDAP/AD server and install that on the Apache server and have been having no luck. At this point, I need someone who can go through the process for me step-by-step, as it would appear I am missing something fundamental in making this all work.
At this point, I can't even get an LDAP connection from Apache (using mod_ldap) even without SSL.
I have been using OpenLDAP both on the Windows server (LDAP/AD host) and the Linux Apache server, creating certs on both sides to no avail. I can't seem to get what I need from docs I've found online and just need a simple howto to make this all work. Anything that will help me make sense of this mess would be greatly appreciated.
Thanks. Seth
Well, the fact that you cannot even communicate with the LDAP server without SSL could mean something else is wrong, and judging by the post you made before, it sounds like this was not the first time. For the SSL bit, however, all you need to do is copy your SSL certificate authority .crt file and place it on the Apache server here: /etc/ssl/cert.pem
In your virtual-host file on the Apache server in question you want to add a block like this:
Update your Directory block to look like:
and then verify your Location block looks like:
That's how mine is configured.
Hope this helps
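
An added example, not the answerer's configuration: one way mod_ldap and mod_authnz_ldap (Apache 2.4) can be pointed at the CA file in /etc/ssl/cert.pem for an LDAPS connection to Active Directory. The host names, DNs, bind account, password and /var/www/secure path are placeholders assumed for illustration.

```apache
# Global (server config) scope: these two directives are not valid inside <VirtualHost>.
# PEM-encoded certificate of the CA that issued the AD/LDAP server's certificate.
LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/cert.pem
# Keep verification on; switching it off would hide an expired or untrusted server certificate.
LDAPVerifyServerCert On

<VirtualHost *:443>
    # Placeholder site name.
    ServerName intranet.example.com
    # The site's own SSLEngine and certificate directives go here.

    # Use LDAPS (normally port 636) for connections made from this virtual host.
    LDAPTrustedMode SSL

    <Directory "/var/www/secure">
        AuthType Basic
        AuthName "Directory login"
        AuthBasicProvider ldap
        # Placeholder AD host and base DN; sAMAccountName is the AD logon-name attribute.
        AuthLDAPURL "ldaps://ad.example.com:636/DC=example,DC=com?sAMAccountName?sub?(objectClass=user)"
        # Placeholder low-privilege account used only to search for the user's DN.
        AuthLDAPBindDN "CN=apache-bind,OU=Service Accounts,DC=example,DC=com"
        AuthLDAPBindPassword "REPLACE_ME"
        Require valid-user
    </Directory>
</VirtualHost>
```

With verification on, the host name in AuthLDAPURL has to match a name in the certificate the LDAP/AD server presents, and that certificate has to chain to the CA in the trusted file.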