Welcome to the LimeSurvey Community Forum

Ask the community, share ideas, and connect with other LimeSurvey users!

LDAPS Connection

  • Smidder
  • Smidder's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
6 years 5 months ago #159395 by Smidder
LDAPS Connection was created by Smidder
Hello,

we've got a problem with the LDAP SSL connection to LimeSurvey. The LDAP Auth is working.
If we change from ldap:// to ldaps:// and the port from 389 to 636 the login does not work anymore.
If we login to LimeSurvey there is only the error message 'Can't contact LDAP Server.'

Does somebody know this problem?

Best regards
Smidder
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Away
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
6 years 5 months ago #159431 by DenisChenu
Replied by DenisChenu on topic LDAPS Connection
Surely some bad SSL connexion on your size. It's a valid SSL key or a personal use key ?

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
  • Smidder
  • Smidder's Avatar Topic Author
  • Offline
  • New Member
  • New Member
More
6 years 5 months ago #159435 by Smidder
Replied by Smidder on topic LDAPS Connection
It is a valid SSL key. Are you able to tell me where I have to store the CA certificate?
The topic has been locked.
  • DenisChenu
  • DenisChenu's Avatar
  • Away
  • LimeSurvey Community Team
  • LimeSurvey Community Team
More
6 years 5 months ago #159436 by DenisChenu
Replied by DenisChenu on topic LDAPS Connection
Maybe some issue about tls/ssl.
Best is to look at your server error log i think.

Currently, on another tool , i have an issue with CYPHER and php5.6

Else :
Code:
php -r "print_r(openssl_get_cert_locations());"

Assistance on LimeSurvey forum and LimeSurvey core development are on my free time.
I'm not a LimeSurvey GmbH member, professional service on demand , plugin development .
I don't answer to private message.
The topic has been locked.
More
6 years 5 months ago - 6 years 5 months ago #159653 by bdeprez
Replied by bdeprez on topic LDAPS Connection
Hi,
I had the same issues - let me explain how I solved it (note: I'm on RHEL7 but must be something similar for your OS):

1° /etc/openldap/ldap.conf

this conf file needs the path to my CA Certificate - mine has something like this:

TLS_CACERT /etc/pki-root/ca.pem

2° /etc/pki-root/ca.pem

this file then contains my root CA with the 'BEGIN CERTIFICATE' and 'END CERTIFICATE' delimiters.

This is working for me. Note: I don't use Start-TLS (that is Off in my LDAP plugin configuration)

Hope this helps!
B
Last edit: 6 years 5 months ago by bdeprez. Reason: clarified I'm not using Start-TLS
The topic has been locked.

Lime-years ahead

Online-surveys for every purse and purpose