Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

LDAPS Problem #1185

Closed
CyrosX opened this issue Jan 8, 2019 · 9 comments
Closed

LDAPS Problem #1185

CyrosX opened this issue Jan 8, 2019 · 9 comments
Labels
kind/question v3 3.0 version

Comments

@CyrosX
Copy link

CyrosX commented Jan 8, 2019

sysPass Version
3.0-rc8

Describe the question
I cannot get a connection to our LDAPS Server (on an older installation of syspass it works):

2019-01-08 12:03:15 [DEBUG] [SP\Bootstrap::SP\{closure}] Routing call: SP\Modules\Web\Controllers\ConfigLdapController::checkAction::Array
(
)

2019-01-08 12:03:15 [INFO] [SP\Core\Acl\Actions::loadCache] Loaded actions cache
2019-01-08 12:03:15 [EXCEPTION] [N/A] Verbindung zum LDAP-Server kann nicht hergestellt werden
#0 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(156): SP\Providers\Auth\Ldap\LdapConnection->connectTls()
#1 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(113): SP\Providers\Auth\Ldap\LdapConnection->connect()
#2 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(95): SP\Providers\Auth\Ldap\LdapConnection->connectAndBind()
#3 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/Ldap.php(96): SP\Providers\Auth\Ldap\LdapConnection->checkConnection()
#4 /var/www/html/syspass/lib/SP/Services/Ldap/LdapCheckService.php(51): SP\Providers\Auth\Ldap\Ldap::factory(Object(SP\Providers\Auth\Ldap\LdapParams), Object(SP\Core\Events\EventDispatcher), true)
#5 /var/www/html/syspass/app/modules/web/Controllers/ConfigLdapController.php(152): SP\Services\Ldap\LdapCheckService->checkConnection(Object(SP\Providers\Auth\Ldap\LdapParams))
#6 [internal function]: SP\Modules\Web\Controllers\ConfigLdapController->checkAction()
#7 /var/www/html/syspass/lib/SP/Bootstrap.php(234): call_user_func_array(Array, Array)
#8 [internal function]: SP\Bootstrap->SP\{closure}(Object(Klein\Request), Object(Klein\Response), Object(Klein\ServiceProvider), Object(Klein\App), Object(Klein\Klein), Object(Klein\DataCollection\RouteCollection), Array)
#9 /var/www/html/syspass/vendor/klein/klein/src/Klein/Klein.php(886): call_user_func(Object(Closure), Object(Klein\Request), Object(Klein\Response), Object(Klein\ServiceProvider), Object(Klein\App), Object(Klein\Klein), Object(Klein\DataCollection\RouteCollection), Array)
#10 /var/www/html/syspass/vendor/klein/klein/src/Klein/Klein.php(588): Klein\Klein->handleRouteCallback(Object(Klein\Route), Object(Klein\DataCollection\RouteCollection), Array)
#11 /var/www/html/syspass/lib/SP/Bootstrap.php(456): Klein\Klein->dispatch(Object(Klein\Request))
#12 /var/www/html/syspass/lib/Base.php(75): SP\Bootstrap::run(Object(DI\Container))
#13 /var/www/html/syspass/index.php(28): require('/var/www/html/s...')
#14 {main}
2019-01-08 12:03:15 [DEBUG] [SP\Providers\Log\FileLogHandler::updateEvent] exception;Verbindung zum LDAP-Server kann nicht hergestellt werden
2019-01-08 12:03:20 [ERROR] [SP\Core\Language::setLocales] Could not set locale
2019-01-08 12:03:20 [DEBUG] [SP\Core\Language::setLocales] Domain path: /var/www/html/syspass/app/locales
2019-01-08 12:03:20 [DEBUG] [SP\Config\Config::initialize] Config cache loaded


```I hope someone can help me :)

**Platform (please complete the following information):**
Ubuntu 18.04
@nuxsmin
Copy link
Owner

nuxsmin commented Jan 8, 2019

Could be related #951 ?

@CyrosX
Copy link
Author

CyrosX commented Jan 8, 2019

I've added TLS_REQCERT allow in ldap.conf and rebooted but it does not seem to work.
In the info tab of syspass the openssl php module seems to be loaded correctly.
So I think I've got maybe an other problem.

@deajan
Copy link
Contributor

deajan commented Jan 8, 2019

On the sysPass server, does the command openssl s_client -connect yourldapserver:636 work okay ?

@CyrosX
Copy link
Author

CyrosX commented Jan 11, 2019

Somehow. There are some minimal errors (unable to verify the first certificate and unable to get local user certificate.
Our old syspass 2.x works with this 🤔.But it has an older ubuntu version I think.

@nuxsmin nuxsmin added kind/question v3 3.0 version labels Jan 14, 2019
@nuxsmin
Copy link
Owner

nuxsmin commented Feb 23, 2019

Hello, does this issue still going on?

@CyrosX
Copy link
Author

CyrosX commented Feb 23, 2019

The last time I tried it (with latest version) it did not work :(.

@CyrosX
Copy link
Author

CyrosX commented Feb 25, 2019

2019-02-25 17:35:24 [EXCEPTION] [N/A] Verbindung zum LDAP-Server kann nicht hergestellt werden
#0 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(156): SP\Providers\Auth\Ldap\LdapConnection->connectTls()
#1 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(113): SP\Providers\Auth\Ldap\LdapConnection->connect()
#2 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/LdapConnection.php(95): SP\Providers\Auth\Ldap\LdapConnection->connectAndBind()
#3 /var/www/html/syspass/lib/SP/Providers/Auth/Ldap/Ldap.php(96): SP\Providers\Auth\Ldap\LdapConnection->checkConnection()
#4 /var/www/html/syspass/lib/SP/Services/Ldap/LdapCheckService.php(51): SP\Providers\Auth\Ldap\Ldap::factory(Object(SP\Providers\Auth\Ldap\LdapParams), Object(SP\Core\Events\EventDispatcher), true)
#5 /var/www/html/syspass/app/modules/web/Controllers/ConfigLdapController.php(152): SP\Services\Ldap\LdapCheckService->checkConnection(Object(SP\Providers\Auth\Ldap\LdapParams))
#6 [internal function]: SP\Modules\Web\Controllers\ConfigLdapController->checkAction()
#7 /var/www/html/syspass/lib/SP/Bootstrap.php(237): call_user_func_array(Array, Array)
#8 [internal function]: SP\Bootstrap->SP{closure}(Object(Klein\Request), Object(Klein\Response), Object(Klein\ServiceProvider), Object(Klein\App), Object(Klein\Klein), Object(Klein\DataCollection\RouteCollection), Array)
#9 /var/www/html/syspass/vendor/klein/klein/src/Klein/Klein.php(886): call_user_func(Object(Closure), Object(Klein\Request), Object(Klein\Response), Object(Klein\ServiceProvider), Object(Klein\App), Object(Klein\Klein), Object(Klein\DataCollection\RouteCollection), Array)
#10 /var/www/html/syspass/vendor/klein/klein/src/Klein/Klein.php(588): Klein\Klein->handleRouteCallback(Object(Klein\Route), Object(Klein\DataCollection\RouteCollection), Array)
#11 /var/www/html/syspass/lib/SP/Bootstrap.php(461): Klein\Klein->dispatch(Object(Klein\Request))
#12 /var/www/html/syspass/lib/Base.php(75): SP\Bootstrap::run(Object(DI\Container))
#13 /var/www/html/syspass/index.php(28): require('/var/www/html/s...')
#14 {main}
2019-02-25 17:35:39 [ERROR] [SP\Core\Language::setLocales] Could not set locale
2019-02-25 17:35:39 [INFO] [SP\Core\PhpExtensionChecker::checkMandatory] Extensions checked
2019-02-25 17:35:39 [INFO] [SP\Core\UI\Theme::initIcons] Loaded icons cache
2019-02-25 17:35:39 [INFO] [SP\Core\Acl\Actions::loadCache] Loaded actions cache

I've tried it now with Debian 9.

@CyrosX
Copy link
Author

CyrosX commented Mar 20, 2019

OK! I've found out what was the problem.
The certificate of our AD server is not installed.
So I've added TLS_REQCERT never to /etc/ldap/ldap.conf and it worked.

My next question is, how could this be permanent be set in a docker container - even after updating it?

@nuxsmin
Copy link
Owner

nuxsmin commented Apr 26, 2019

Hello, sorry for the late reply. It's good to know you found the problem.Regarding the Docker container configuration, you can either build a new image and include the modified file or mount the configuration from any persistent volume.

Thanks for the feedback!

Regards.

@nuxsmin nuxsmin closed this as completed Apr 26, 2019
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
kind/question v3 3.0 version
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@nuxsmin @deajan @CyrosX