Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

SSL Port issue in Console #253

Closed
389-ds-bot opened this issue Sep 12, 2020 · 3 comments
Closed

SSL Port issue in Console #253

389-ds-bot opened this issue Sep 12, 2020 · 3 comments
Labels
closed: fixed Migration flag - Issue
Milestone
FUTURE

Comments

@389-ds-bot
Copy link

Cloned from Pagure issue: https://pagure.io/389-ds-base/issue/253

https://bugzilla.redhat.com/show_bug.cgi?id=757773

Description of problem:
I have configured two DS instances on same host with SSL enabled.

FIRST Instance = snmaptest
=============================
[root@snmaptest scripts]# ldapsearch -x -h localhost -p 389 -D "cn=directory
manager" -w Secret123 -b "cn=config" | grep nsslapd-secureport
nsslapd-requiresrestart: cn=config:nsslapd-secureport
nsslapd-secureport: 636

SECOND Instance = snmaptest2
===============================
[root@snmaptest scripts]# ldapsearch -x -h localhost -p 1389 -D "cn=directory
manager" -w Secret123 -b "cn=config" | grep nsslapd-secureport
nsslapd-requiresrestart: cn=config:nsslapd-secureport
nsslapd-secureport: 2389
vim /etc/dirsrv/slapd-snmaptest2/dse.ldif

I have also enabled the SSL on the DS Console for both the instances.
Now the problem in the console is, It is showing same SSL PORT for both the
instance i.e. 636.

Due to this bug
================
1. We can never turn ON the SSL for DS Console.
2. We can never configure the DS SSL from DS Console because IT does not take
any other SSL port except 636.
3.  if you enable SSL on console, it seems to not allow to manage certificates
and encryption from Console.
4. And for most in the above case(I mentioned in my last mail), If the SSL
ports are same for both the instances, It leads u to the situation where u
can't perform any other operation (ldapmod/add/delete) from console. becoz then
If u do any ldap operation on one instance it automatically reflects to the 2nd
instance widout Replication.
@389-ds-bot 389-ds-bot added the closed: fixed Migration flag - Issue label Sep 12, 2020
@389-ds-bot 389-ds-bot added this to the FUTURE milestone Sep 12, 2020
@389-ds-bot
Copy link
Author

Comment from rmeggins (@richm) at 2012-01-11 02:42:54

commit changeset:7c3d88a741835757d21824b4d514fba04ff56a4e/389-ds-console
Author: Noriko Hosoi nhosoi@redhat.com
Date: Thu Dec 1 14:35:52 2011 -0800
Description: If non-standard SSL ports are set from outside of
Console, there is no chance for Console to update nsSecureServerPort
in o=netscaperoot.

When enabling "Use SSL in Console", if the secure port in cn=config
is not the standard SSL port 636, replace nsSecureServerPort in
o=netscaperoot with the one read from cn=config.

Reviewed by nkinder@redhat.com (Thanks!!)

@389-ds-bot
Copy link
Author

Comment from nkinder (@nkinder) at 2012-08-28 04:14:38

Added initial screened field value.

@389-ds-bot
Copy link
Author

Comment from nkinder (@nkinder) at 2017-02-11 22:53:04

Metadata Update from @nkinder:

  • Issue assigned to richm
  • Issue set to the milestone: FUTURE

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
closed: fixed Migration flag - Issue
Projects
None yet
Milestone
FUTURE
Development

No branches or pull requests
1 participant
@389-ds-bot