Setting up a new JFROG Artifactory on a Windows server.
Trying to get LDAPS to work with Active Directory. When LDAP is set for port 389 the test user can authenticate, when I Chang it to LDAPS port 636 it fails.
I have the AD CA cert in the jfrog\artifactory\var\etc\security folder and also have it in the cacerts in the third-party\java\lib\security.
Testing LDAPS with ldp.exe passes\works.
Thanks for any assistance
Related
Unable to authenticate with laps (636) with MS Ldap.
Rundeck installed in Ubuntu 20.04. Version APIVERSION : 41, BUILD : 4.7.0-20221006
Thank you for the help.
-Follow https://docs.rundeck.com/docs/administration/security/authentication.html#ldap
-Open a question on google groups named "Rundeck how to do a Microsoft LDAP authetication test"
-Restarted rundeckd service after every jaas file change.
Delete the -Djavax.net.ssl.trustStore=/etc/rundeck/ssl/truststore parameter in the rundeckd file, that's not needed if you already added the cert to the java cacert file.
With that parameter, rundeck tries to find the cert in the truststore file, not in the java cacert.
I am currently setting up a CAS server in a local network which will have to authenticate users belonging to ldap directories so that they can then connect to a web server.
A Windows Server 2019 Active Directory is the gateway to the WAN.
Environment:
Windows Server 2019 with Active Directory and DHCP, routing and DNS installed which make the link between the WAN and the LAN; IP: 192.168.100.10
LDAP Server on Centos 7 on the LAN registred on the Active Directory (no ssl certificate generated); IP: 192.168.100.50
CAS Server on Debian 11 on the LAN (no ssl certificate generated for tomcat and cas); IP: 192.168.100.101
All pinging between each other;
I'm following this process to install and configure the cas server:
https://www.esup-portail.org/wiki/pages/viewpage.action?pageId=972292097
This is my build.gradle configuration file:
build.gradle
This is my cas.properties configuration file:
cas.properties
After the copy of the war file generated in /var/lib/tomcat9/webapps/; i restart tomcat9 service.
The problem is that i can't access the cas address:
erreur_acces_site
When i check the status of Tomcat service, i got this error:
error_tomcat_service_status
Can anyone enlighten me? I can't see what's going wrong.
Moreover, if someone has a detailed procedure, which describes the environment and the prerequisites, recent and educational to install a CAS server for Centos 7, I am strongly interested
Thank you in advance!
When I remove the CAS dependencies in build.gradle and LDAP authentication config in cas.properties, I can access the CAS login screen.
I want to create a LDAP authentication for my OSS Nexus repository.
I use below info
Protocol : ldap
Authentication method : DIGEST-MD5
But When I create a LDAP connection in Nexus OSS it getting below error
Failed to connect to LDAP Server: a.b.c.d:636; socket closed
connectivity from My repository to LDAP server is OK.
What is the issue.
the ldap works on port 389 and it operates on 636 for ldaps. you might need to add the certificates you can do:openssl s_client -showcerts -connect server.com:369.This command will give you pem's you can copy and paste it through ui to ssl certificates.
I run localhost on my Windows 8.1 (Bootcamp on Mac) and need to enable ssl.
I have already default server certificates on 127.0.0.1 and localhost.
I have the localhost one assigned to my websites on port 443.
https still returns security error so I need to work on http
My websites run on 44300 port (eg. localhost:44300)
I tried to bind the certificate to 44300, still it didn't work.
How to make my locahost to work with https? Thanks
EDIT
The certificate is issued by localhost and is within Trusted Root Certification Authorities:
Btw I followed this thread to issue the certificate for my website: Enable SSL in Visual Studio
It is probably because it is not installed in Trusted Root Certification Authorities.
Solve this by starting mmc.exe.
Then go to:
File -> Add or Remove Snap-ins -> Certificates -> Add -> Computer account -> Local computer
Expand the Personal folder and you will see your localhost certificate:
Copy this into Trusted Root Certification Authorities - Certificates
The final step is to open Internet Information Services (IIS) Manager or simply inetmgr.exe. From there go to your site, select Bindings... and Add... or Edit.... Set https and select your certificate from the drop down.
Your certificate is now trusted:
Original answer:
https://stackoverflow.com/a/48790088/3850405
Try to install Microsoft IIS Administration from https://manage.iis.net/get
it will create a certification for your local server
then use https://manage.iis.net/connect , get an Access Token and connect it
check your localhost on https https://localhost
I have created a test environment. I have one ldap client, ldap listener (as a ldap proxy) and a ldap server. Ldap client sends ldap requests to ldap proxy on port 389 (SSL). Ldap proxy decodes the ldap requests and forwards them to the ldap server on port 389. And the proxy forwards the reply of the ldap server to ldap client successfully.
I created SSL certificate on ldap server. And this time I tested that ldap client sends ldap requests to ldap proxy on port 389 (SSL). Ldap proxy forwarded requests to the ldap server on port 636. And the proxy forwards the reply of the ldap server to ldap client successfully.
But there is a problem when I try to use SSL on both sides. I mean
ldap client (port 636) -> ldap proxy (port 636) -> ldap server (port
636)
My client throws an exception
javax.net.ssl.SSLHandshakeException: Remote host closed connection
during handshake
I am using unboundid ldap sdk and LdapDebugger example as a ldap proxy. How can I configure ldaplistener to accept SSL encrypted requests(port 636)?
thanks in advance...
If you're using the ldap-debugger tool provided with the LDAP SDK, it currently only supports SSL for communicating with the backend server, but not when communicating with a client. That is, the "--useSSL" option applies only for communication between the LDAP debugger and the backend directory server, and not between the client and the LDAP debugger. However, because this is potentially a very useful feature, I have just committed a set of changes that add this capability, so if you check out and build the latest version of the LDAP SDK, you will find that the ldap-debugger tool has a new "--listenUsingSSL" argument that controls this.
Note that regardless of whether you're using the ldap-debugger tool or you have created your own listener via Java code, you need to ensure that you have a Java keystore that contains the SSL certificate that will be presented to clients. If the LDAP server you're using is Java-based (e.g., the in-memory directory server provided with the LDAP SDK), then you probably already have this. Otherwise, you'll need to create one. If you're just doing this for testing purposes, a self-signed certificate should be just fine (as long as the client trusts it, or is configured to blindly trust all certificates).