Mantis 1.2.3: Configuration ldaps with certificate

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
dandjo
Posts: 14
Joined: 15 Oct 2010, 12:50

Mantis 1.2.3: Configuration ldaps with certificate

Post by dandjo »

Hi friends,

I want to use Mantis with ldap authentication over ldaps with a self signed certificate. Besides the configuration parameters in config_inc.php, how do I manage to get this working? The LDAP server is running and a test-connection with another LDAP client works perfectly. Currently I get the error "LDAP Authentication Failed", my config looks like this:

Code: Select all

$g_login_method = LDAP;
$g_ldap_server = 'ldaps://url.to.server';
$g_ldap_port = '636';
$g_ldap_protocol_version = 3;
$g_ldap_root_dn = 'dc=mantisdc';
$g_ldap_uid_field = 'uid';
$g_ldap_realname_field = 'cn';
$g_use_ldap_email = ON;
$g_use_ldap_realname = ON;
Thanks!
Kind regards,
dandjo
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: Mantis 1.2.3: Configuration ldaps with certificate

Post by atrol »

Temporary enabling LDAP tracing might help to find the problem

Code: Select all

$g_log_level = LOG_LDAP;
$g_log_destination = 'file:/tmp/mantisbt.log';
Please use Search before posting and read the Manual
dandjo
Posts: 14
Joined: 15 Oct 2010, 12:50

Re: Mantis 1.2.3: Configuration ldaps with certificate

Post by dandjo »

Hi atrol,

thanks for this hint. The log says:

Code: Select all

12-11-10 15:18 CET ldap Binding to LDAP server
12-11-10 15:18 CET ldap Attempting connection to LDAP server 'ldaps://url.to.server' port '636'.
12-11-10 15:18 CET ldap Connection accepted to LDAP server
12-11-10 15:18 CET ldap Setting LDAP protocol to  to ldap server to 3
12-11-10 15:18 CET ldap Attempting bind to ldap server with username and password
12-11-10 15:18 CET ldap bind to ldap server  failed - authentication error?
Any ideas?
The bind_dn and bind_passwd should be correct as I am able to connect via another client. I assume the problem is the self signed certificate. The question is, how I could manage to integrate this certificate within the configuration.

Kind regards,
dandjo
dandjo
Posts: 14
Joined: 15 Oct 2010, 12:50

Re: Mantis 1.2.3: Configuration ldaps with certificate

Post by dandjo »

The SOLUTION:
  1. Put the server-certificate somewhere on your harddisk (e.g. "C:\CA\certs\rootca.cer").
  2. Create the file "C:\openldap\sysconf\ldap.conf" with the content-line "tls_cacert C:\CA\certs\rootca.cer".
  3. Restart Apache.
Kind regards,
dandjo
atrol
Site Admin
Posts: 8366
Joined: 26 Mar 2008, 21:37
Location: Germany

Re: Mantis 1.2.3: Configuration ldaps with certificate

Post by atrol »

Thanks for coming back and providing the solution.

If all is running fine, don't forget to deactivate the logging.
Please use Search before posting and read the Manual
KeithG
Posts: 1
Joined: 09 Jun 2022, 17:32

Re: Mantis 1.2.3: Configuration ldaps with certificate

Post by KeithG »

Very helpful information - Thank you
I'm trying to do the same (LDAPS) in IIS (not Apache) with Certificate usage.
Where do I need to put the Root CA in this case and what config file do I modify?
THANK YOU!
Post Reply