how to load an LDAP client cert RHEL7 authconfig-tui
I have a RHEL7 machine that needs to be configured as an LDAP client (user/auth, using authconfig-tui).
When finishing authconfig-tui, it says, just copy the cert to /etc/openldap/cacerts, which I did
wget http://path/to/cert.crt -O /etc/openldap/cacerts/cert.crt
But when I try to log in with an LDAP user, the /var/log/messages says self signed certificate, unknown user, ldap server not found. I can ping the LDAP server.
Question: I'm suspecting I can somehow "load" the certificate with authconfig(-tui?), but how?
rhel ldap certificates
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
bumped to the homepage by Community♦ 2 hours ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I have a RHEL7 machine that needs to be configured as an LDAP client (user/auth, using authconfig-tui).
When finishing authconfig-tui, it says, just copy the cert to /etc/openldap/cacerts, which I did
wget http://path/to/cert.crt -O /etc/openldap/cacerts/cert.crt
But when I try to log in with an LDAP user, the /var/log/messages says self signed certificate, unknown user, ldap server not found. I can ping the LDAP server.
Question: I'm suspecting I can somehow "load" the certificate with authconfig(-tui?), but how?
rhel ldap certificates
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
bumped to the homepage by Community♦ 2 hours ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
I have a RHEL7 machine that needs to be configured as an LDAP client (user/auth, using authconfig-tui).
When finishing authconfig-tui, it says, just copy the cert to /etc/openldap/cacerts, which I did
wget http://path/to/cert.crt -O /etc/openldap/cacerts/cert.crt
But when I try to log in with an LDAP user, the /var/log/messages says self signed certificate, unknown user, ldap server not found. I can ping the LDAP server.
Question: I'm suspecting I can somehow "load" the certificate with authconfig(-tui?), but how?
rhel ldap certificates
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
I have a RHEL7 machine that needs to be configured as an LDAP client (user/auth, using authconfig-tui).
When finishing authconfig-tui, it says, just copy the cert to /etc/openldap/cacerts, which I did
wget http://path/to/cert.crt -O /etc/openldap/cacerts/cert.crt
But when I try to log in with an LDAP user, the /var/log/messages says self signed certificate, unknown user, ldap server not found. I can ping the LDAP server.
Question: I'm suspecting I can somehow "load" the certificate with authconfig(-tui?), but how?
rhel ldap certificates
rhel ldap certificates
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
edited Jun 11 '16 at 16:51
Jakuje
16.5k53256
16.5k53256
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
asked Jun 11 '16 at 9:57
LoukiosValentine79LoukiosValentine79
44421031
44421031
bumped to the homepage by Community♦ 2 hours ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
bumped to the homepage by Community♦ 2 hours ago
This question has answers that may be good or bad; the system has marked it active so that they can be reviewed.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
After copying the certificate to /etc/openldap/cacerts/, you can try using this command:
authconfig --enableldaptls --update
answered Aug 31 '16 at 11:07
mit13mit13
334
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "106"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: false,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: null,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f289126%2fhow-to-load-an-ldap-client-cert-rhel7-authconfig-tui%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
After copying the certificate to /etc/openldap/cacerts/, you can try using this command:
authconfig --enableldaptls --update
answered Aug 31 '16 at 11:07
mit13mit13
334
add a comment |
After copying the certificate to /etc/openldap/cacerts/, you can try using this command:
authconfig --enableldaptls --update
answered Aug 31 '16 at 11:07
mit13mit13
334
add a comment |
After copying the certificate to /etc/openldap/cacerts/, you can try using this command:
authconfig --enableldaptls --update
answered Aug 31 '16 at 11:07
mit13mit13
334
After copying the certificate to /etc/openldap/cacerts/, you can try using this command:
authconfig --enableldaptls --update
answered Aug 31 '16 at 11:07
mit13mit13
334
answered Aug 31 '16 at 11:07
mit13mit13
334
answered Aug 31 '16 at 11:07
mit13mit13
334
answered Aug 31 '16 at 11:07
mit13mit13
334
334
add a comment |
add a comment |
Thanks for contributing an answer to Unix & Linux Stack Exchange!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2funix.stackexchange.com%2fquestions%2f289126%2fhow-to-load-an-ldap-client-cert-rhel7-authconfig-tui%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
