[ejabberd] LDAP authentication fails with SSL encryption

Renato Alves rjalves at igc.gulbenkian.pt
Fri Jul 6 18:49:44 MSK 2012


Hi everyone,

I currently have ejabberd 2.1.10 running on Ubuntu precise.

I'm using LDAP for authentication. LDAP access is anonymous and read-only.

If I setup authentication with:

{ldap_encrypt, none}.
{ldap_port, 389}.

Everything works as expected and users are able to login.

However when I enable encryption the server crashes at start. The
settings I have are the following:

{ldap_encrypt, tls}.
{ldap_tls_verify, false}.
{ldap_port, 636}.

The logs show quite a few errors which seem to repeat but it's not clear
to me what's wrong. Logs can be found here:
http://bioinformatics.igc.gulbenkian.pt/share/ejabberd.log
http://bioinformatics.igc.gulbenkian.pt/share/erlang.log

In addition I can connect to LDAPS on the same machine by using:
ldapsearch -H ldaps://ldap -x

For this to work I must include "TLS_REQCERT never" on
/etc/ldap/ldap.conf , but as far as I understand this is equivalent to
{ldap_tls_verify, false}. which I already use.

Can anyone shed some light on what could be causing the problem?

Thanks,
Renato

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 262 bytes
Desc: OpenPGP digital signature
URL: <http://lists.jabber.ru/pipermail/ejabberd/attachments/20120706/91911d6a/attachment.bin>


More information about the ejabberd mailing list