[SR-Users] ldap SSL

Slava Bendersky volga629 at networklab.ca
Thu Apr 10 13:24:19 CEST 2014


Hello Daniel, 
That explains a lot. Is ldap module compatible with SSSD ? 

Slava. 

----- Original Message -----

From: "Daniel-Constantin Mierla" <miconda at gmail.com> 
To: "Kamailio (SER) - Users Mailing List" <sr-users at lists.sip-router.org> 
Sent: Thursday, April 10, 2014 3:11:41 AM 
Subject: Re: [SR-Users] ldap SSL 

Hello, 

the module in kamailio doesn't have an option for ca list. This should be a configuration option for ldap server to know which trusted CA to use. The ldap client library should have the option to set the certificate and key. 

Cheers, 
Daniel 

On 10/04/14 00:27, Slava Bendersky wrote: 



Hello Everyone, 
Tried look through documentation and couldn't find anything about it ? 
Any suggestions ? 


Slava. 


----- Original Message -----

From: "Slava Bendersky" <volga629 at networklab.ca> 
To: sr-users at lists.sip-router.org 
Sent: Monday, April 7, 2014 1:57:53 PM 
Subject: [SR-Users] ldap SSL 

Hello Everyone, 
How I can specify ldap CA cert in ldap configuration ? 

The directive ca_list bellow is ignored. 


[07/Apr/2014:13:40:37 -0400] conn=20 op=-1 fd=70 closed - Peer does not recognize and trust the CA that issued your certificate. 
[07/Apr/2014:13:40:37 -0400] conn=22 op=-1 fd=64 closed - Encountered end of file. 


Current config 

ldap_server_url = "ldaps://ds389.network.com:636" 
ldap_bind_dn = "uid=adm,ou=People,dc=network,dc=com" 
ldap_bind_password = "password" 
authtype = simple 
tls = on 
ca_list = /etc/kamailio/cert/ca-cert_ldap.pem 


_______________________________________________ 
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list 
sr-users at lists.sip-router.org 
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users 



_______________________________________________
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list sr-users at lists.sip-router.org http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users 



-- 
Daniel-Constantin Mierla - http://www.asipto.com http://twitter.com/#!/miconda - http://www.linkedin.com/in/miconda 

_______________________________________________ 
SIP Express Router (SER) and Kamailio (OpenSER) - sr-users mailing list 
sr-users at lists.sip-router.org 
http://lists.sip-router.org/cgi-bin/mailman/listinfo/sr-users 

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.sip-router.org/pipermail/sr-users/attachments/20140410/efb6783a/attachment.html>


More information about the sr-users mailing list