[lnkForumImage]
TotalShareware - Download Free Software
Confronta i prezzi di migliaia di prodotti.
Asp Forum
 Home | Login | Register | Search 


 

Forums >

comp.lang.ruby

net-ldap and OpenSSL

Glen Holcomb

3/3/2008 4:41:00 PM

[Note: parts of this message were removed to make it a legal post.]

I am having trouble making an SSL connection to an LDAP server. After
setting my object to use simple_tls I get the following error when trying to
connect to port 636 on the LDAP (AD) server:

OpenSSL::SSL::SSLError

Nothing more useful than that. I get a brief stack trace but it isn't all
that useful either.

--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)
5 Answers

Vladimir Konrad

3/3/2008 5:23:00 PM

0

> I am having trouble making an SSL connection to an LDAP server.

This works for me (from linux to AD server):

@con = Net::LDAP.new(:host => ldap_server,
:port => 636,
:base => base_dn,
:encryption => :simple_tls)

Hope this helped,

Vlad

Glen Holcomb

3/3/2008 5:28:00 PM

0

[Note: parts of this message were removed to make it a legal post.]

Attempting this by hand yields the same results, which makes me think it
isn't necessarily a problem with net/ldap.

I get the same useless error when attempting the connection by hand:

@sslcon = TCPsocket.new("datadc1", 636)
@context = OpenSSL::SSL::SSLContext.new
@context.verify_mode = OpenSSL::SSL::VERIFY_NONE
@sslcon = OpenSSL::SSL::SSLSocket.new(@sslcon, @context)
@sslcon.connect

then I get OpenSSL::SSL::SSLError


On Mon, Mar 3, 2008 at 9:41 AM, Glen Holcomb <damnbigman@gmail.com> wrote:

> I am having trouble making an SSL connection to an LDAP server. After
> setting my object to use simple_tls I get the following error when trying
> to
> connect to port 636 on the LDAP (AD) server:
>
> OpenSSL::SSL::SSLError
>
> Nothing more useful than that. I get a brief stack trace but it isn't all
> that useful either.
>
> --
> "Hey brother Christian with your high and mighty errand, Your actions
> speak
> so loud, I can't hear a word you're saying."
>
> -Greg Graffin (Bad Religion)
>



--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

Glen Holcomb

3/3/2008 5:32:00 PM

0

[Note: parts of this message were removed to make it a legal post.]

Thanks for the response Vlad. However I still get the
OpenSSL::SSL::SSLError. I'm getting the feeling that the OpenSSL library
doesn't work right in Windows. I'm also having trouble finding good
documentation for the module that is written in English.

On Mon, Mar 3, 2008 at 10:24 AM, Vladimir Konrad <vk@dsl.pipex.com> wrote:

> > I am having trouble making an SSL connection to an LDAP server.
>
> This works for me (from linux to AD server):
>
> @con = Net::LDAP.new(:host => ldap_server,
> :port => 636,
> :base => base_dn,
> :encryption => :simple_tls)
>
> Hope this helped,
>
> Vlad
>
>


--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)

Vladimir Konrad

3/4/2008 2:02:00 PM

0


> I get the same useless error when attempting the connection by hand:

Wild guess, it is possible that it is trying (and failing) to validate
SSL certificate...

Vlad

Glen Holcomb

3/4/2008 2:24:00 PM

0

[Note: parts of this message were removed to make it a legal post.]

Thanks again Vlad. I think I figured it out late last night. There is
something strange about SSL on port 636 on that machine. When connecting to
another domain controller (different domain) on the SSL port it works fine.

An actual error message would be completely awesome though.

On Tue, Mar 4, 2008 at 7:04 AM, Vladimir Konrad <vk@dsl.pipex.com> wrote:

>
> > I get the same useless error when attempting the connection by hand:
>
> Wild guess, it is possible that it is trying (and failing) to validate
> SSL certificate...
>
> Vlad
>
>


--
"Hey brother Christian with your high and mighty errand, Your actions speak
so loud, I can't hear a word you're saying."

-Greg Graffin (Bad Religion)