John1
June 15, 2016, 8:23pm
#1
Hello
I am following this section on creating AD LDAPS auth for foreman
https://theforeman.org/manuals/1.11/index.html#4.1WebInterface
This is secure LDAP and here is how I exported the cert from AD
1. Go to Active Directory certificate authority MMC
2. right click CA -> all tasks -> backup CA
3. select "private key and CA certificate"
4. no password specific
5. Finish
I take this and put it in
/usr/local/share/ca-certificates/
Then I issue command
update-ca-certificates
It says it added a cert.
I go back on foreman and try to login with AD creds. no go.
Appreciate the help!
John
Hi John
> Hello
>
> I am following this section on creating AD LDAPS auth for foreman
> Foreman :: Manual
>
> This is secure LDAP and here is how I exported the cert from AD
>
> 1. Go to Active Directory certificate authority MMC
> 2. right click CA -> all tasks -> backup CA
> 3. select "private key and CA certificate"
> 4. no password specific
> 5. Finish
>
> I take this and put it in
>
> /usr/local/share/ca-certificates/
>
> Then I issue command
>
> update-ca-certificates
>
> It says it added a cert.
>
> I go back on foreman and try to login with AD creds. no go.
[…]
Can you provide some more details? I guess you're running Foreman on Debian /
Ubuntu?
Do you get the error message regarding untrusted / not able to verify
connection?
Perhaps some intermediate certs of your CA are missing. You can also extract the
certificates through the following way:
echo | openssl s_client -showcerts -connect $DC_FQDN:636
Try to combine the intermediate and root CA certs into one file.
Cheers
Michael
On Wed, 15 Jun 2016 13:23:15 -0700 (PDT) John Test wrote:
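Michael's suggestion above (pull the chain with openssl s_client -showcerts and combine the intermediate and root CA certificates into one file), as an added example that is not part of the original thread. A client trust bundle needs only public CA certificates, so the function drops the server's own certificate and refuses input that contains a private key; the function names, file arguments and sample output are constructed for illustration.

```shell
# Added example, not from the thread. Input: saved output of
#   echo | openssl s_client -showcerts -connect "$DC_FQDN":636
# build_ca_bundle INPUT OUTPUT copies only the CA certificates (chain depth >= 1)
# into OUTPUT, skipping the server's own certificate (depth 0).
# Returns 0 if a self-signed root is in the bundle, 1 if the server sent no
# root (get it from the CA and append it), 2 if INPUT holds a PEM private key.
build_ca_bundle() {
    src=$1
    dst=$2
    if grep -q 'PRIVATE KEY-----' "$src"; then
        echo "refusing: $src contains a private key" >&2
        return 2
    fi
    : > "$dst"
    awk -v dst="$dst" '
        /^ *[0-9]+ s:/ { depth = $1 + 0; subj = $0; sub(/^ *[0-9]+ s:/, "", subj) }
        /^ *i:/        { iss = $0; sub(/^ *i:/, "", iss) }
        /^-----BEGIN CERTIFICATE-----/ { incert = 1 }
        incert && depth >= 1 { print > dst }
        /^-----END CERTIFICATE-----/ {
            if (depth >= 1 && subj == iss) root = 1
            incert = 0; depth = -1   # PEM blocks without a chain header are skipped
        }
        END { exit(root ? 0 : 1) }
    ' "$src"
}

# Constructed sample of -showcerts output. The base64 bodies are placeholders,
# not real certificates. The server sends its leaf and one issuing CA, no root.
sample_showcerts() {
    cat <<'EOF'
Certificate chain
 0 s:CN = dc01.example.test
   i:CN = Example Issuing CA
-----BEGIN CERTIFICATE-----
TEVBRi1QTEFDRUhPTERFUg==
-----END CERTIFICATE-----
 1 s:CN = Example Issuing CA
   i:CN = Example Root CA
-----BEGIN CERTIFICATE-----
SVNTVUlORy1QTEFDRUhPTERFUg==
-----END CERTIFICATE-----
Server certificate
-----BEGIN CERTIFICATE-----
TEVBRi1QTEFDRUhPTERFUg==
-----END CERTIFICATE-----
EOF
}
```

On the constructed sample the function returns 1: the bundle holds only the issuing CA, and the root certificate still has to be appended before the chain can be verified.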
John1
June 16, 2016, 6:11pm
#3
hi Mike
I fixed this by adding the cert into the file specified in
/etc/ldap/ldap.conf
Yes this is on Ubuntu 14
Thank you for your help
John