Mantis 1.2.3: Configuration ldaps with certificate

Posted: 11 Nov 2010, 12:23
by dandjo
Hi friends,

I want to use Mantis with ldap authentication over ldaps with a self signed certificate. Besides the configuration parameters in config_inc.php, how do I manage to get this working? The LDAP server is running and a test-connection with another LDAP client works perfectly. Currently I get the error "LDAP Authentication Failed", my config looks like this:

Code:

$g_login_method = LDAP;
$g_ldap_server = 'ldaps://url.to.server';
$g_ldap_port = '636';
$g_ldap_protocol_version = 3;
$g_ldap_root_dn = 'dc=mantisdc';
$g_ldap_uid_field = 'uid';
$g_ldap_realname_field = 'cn';
$g_use_ldap_email = ON;
$g_use_ldap_realname = ON;

Thanks!
Kind regards,
dandjo

Re: Mantis 1.2.3: Configuration ldaps with certificate

Posted: 12 Nov 2010, 08:19
by atrol
Temporarily enabling LDAP tracing might help to find the problem.

Code:

$g_log_level = LOG_LDAP;
$g_log_destination = 'file:/tmp/mantisbt.log';

Re: Mantis 1.2.3: Configuration ldaps with certificate

Posted: 12 Nov 2010, 14:23
by dandjo
Hi atrol,

thanks for this hint. The log says:

Code:

12-11-10 15:18 CET ldap Binding to LDAP server
12-11-10 15:18 CET ldap Attempting connection to LDAP server 'ldaps://url.to.server' port '636'.
12-11-10 15:18 CET ldap Connection accepted to LDAP server
12-11-10 15:18 CET ldap Setting LDAP protocol to  to ldap server to 3
12-11-10 15:18 CET ldap Attempting bind to ldap server with username and password
12-11-10 15:18 CET ldap bind to ldap server  failed - authentication error?

Any ideas?
The bind_dn and bind_passwd should be correct as I am able to connect via another client. I assume the problem is the self-signed certificate. The question is how I could manage to integrate this certificate within the configuration.

Kind regards,
dandjo

Re: Mantis 1.2.3: Configuration ldaps with certificate

Posted: 15 Nov 2010, 16:34
by dandjo
The SOLUTION:
  1. Put the server certificate somewhere on your hard disk (e.g. "C:\CA\certs\rootca.cer").
  2. Create the file "C:\openldap\sysconf\ldap.conf" with the content-line "tls_cacert C:\CA\certs\rootca.cer".
  3. Restart Apache.

Kind regards,
dandjo
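
An added example, not part of the original posts or of MantisBT: a Python check of the ldap.conf trust settings used in the solution above, which also flags the TLS_REQCERT levels that skip verification. It assumes the PHP LDAP extension uses OpenLDAP's libldap built against OpenSSL, which reads the TLS_CACERT file as PEM; the function names and the sample config text are constructed for illustration.

```python
import os

# TLS_REQCERT levels under which the client proceeds without a verified server certificate
WEAK_REQCERT = {"never", "allow"}
PEM_MARKER = b"-----BEGIN CERTIFICATE-----"

def parse_ldap_conf(text):
    """Parse ldap.conf text into {OPTION: value}. Keywords are case-insensitive,
    lines starting with '#' are comments; the last value seen for an option is kept."""
    opts = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        opts[parts[0].upper()] = parts[1].strip().strip('"') if len(parts) > 1 else ""
    return opts

def audit_ldap_conf(text):
    """Return findings about the TLS trust settings; an empty list means none."""
    opts = parse_ldap_conf(text)
    findings = []
    # The documented default level is "demand", so an absent option is not flagged.
    if opts.get("TLS_REQCERT", "demand").lower() in WEAK_REQCERT:
        findings.append("TLS_REQCERT does not enforce certificate verification")
    ca_file = opts.get("TLS_CACERT")
    if not ca_file:
        if not opts.get("TLS_CACERTDIR"):
            findings.append("no TLS_CACERT or TLS_CACERTDIR configured")
    elif not os.path.isfile(ca_file):
        findings.append("TLS_CACERT file not found: " + ca_file)
    else:
        # A .cer export may be DER-encoded; the PEM marker is absent in that case.
        with open(ca_file, "rb") as fh:
            if PEM_MARKER not in fh.read():
                findings.append("TLS_CACERT file is not PEM-encoded")
    return findings

if __name__ == "__main__":
    # Constructed sample: the path does not exist here, so the check reports it.
    sample = "# constructed example\ntls_cacert /nonexistent/rootca.cer\nTLS_REQCERT allow\n"
    for finding in audit_ldap_conf(sample):
        print("FINDING:", finding)
```

Run it against the text of the ldap.conf that the web server process actually loads; a CA file that exists but is DER-encoded produces the same bind failure as a missing one.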

Re: Mantis 1.2.3: Configuration ldaps with certificate

Posted: 15 Nov 2010, 17:15
by atrol
Thanks for coming back and providing the solution.

If all is running fine, don't forget to deactivate the logging.

Re: Mantis 1.2.3: Configuration ldaps with certificate

Posted: 09 Jun 2022, 17:37
by KeithG
Very helpful information - Thank you
I'm trying to do the same (LDAPS) in IIS (not Apache) with Certificate usage.
Where do I need to put the Root CA in this case and what config file do I modify?
THANK YOU!