I want to monitor our ldaps servers and also want to get the ssl certificate notification.
In the bb.host file I have set the following.
ldap://ldaphost.math.purdue.edu/ - returns green
ldaps://ldaphost.math.purdue.edu/ - returns failed
I am trying to track down why ldaps is failing.
I have looked in the hobbit log files and do not see any error messages.
Where can I find the command that is used to poll the secure port for ldaphost? I want to manually try this and see what is returned.
Thanks
Robert
Robert P. McGraw, Jr.
Manager, Computer System EMAIL: rmcgraw at purdue.edu
Purdue University ROOM: MATH-807
Department of Mathematics PHONE: (765) 494-6055
150 N. University Street
West Lafayette, IN 47907-2067
On Thu, Feb 07, 2008 at 03:45:08PM -0500, McGraw, Robert P wrote:
> I want to monitor our ldaps servers and also want to get the ssl certificate notification.
> In the bb.host file I have set the following.
> ldap://ldaphost.math.purdue.edu/ - returns green
> ldaps://ldaphost.math.purdue.edu/ - returns failed
> I am trying to track down why ldaps is failing.
SSL-encrypted ldap - ldaps - is rather non-standard; there are at least two different implementations of it.
If your ldaps service has a specific port assigned to it - different from the normal un-encrypted ldap service - then you can just use "ldaps" (no URI behind it) to check the SSL certificate and that the port is open. With the ldap URI Hobbit uses the OpenLDAP method (really the "starttls" LDAP protocol method) - unfortunately, this method hides the LDAP server certificate so it cannot be checked.
Regards, Henrik
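
Added example, not part of the original thread and not Hobbit's own code: a manual check of the kind asked about above, doing the TLS handshake directly on a dedicated ldaps port and reporting why it fails or when the certificate expires. Port 636, the function names, the 30/10-day thresholds and the colour mapping are assumptions made for illustration.

```python
import socket
import ssl
import time

# Assumed thresholds in days for this example; not taken from the thread.
WARN_DAYS, CRIT_DAYS = 30, 10


def days_left(not_after, now=None):
    """Whole days until the certificate's notAfter timestamp (negative if expired)."""
    now = time.time() if now is None else now
    return int((ssl.cert_time_to_seconds(not_after) - now) // 86400)


def colour(days, warn=WARN_DAYS, crit=CRIT_DAYS):
    """Map remaining certificate lifetime to a monitor-style status colour."""
    if days <= crit:
        return "red"
    return "yellow" if days <= warn else "green"


def check_ldaps(host, port=636, timeout=10, cafile=None):
    """TLS handshake straight on the ldaps port; returns (colour, detail).

    The chain is verified against the system trust store (or cafile, for a
    private CA), so a rejected certificate is reported with its reason.
    """
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                cert = tls.getpeercert()
    except ssl.SSLCertVerificationError as exc:
        return "red", "certificate rejected: %s" % exc.verify_message
    except ssl.SSLError as exc:
        return "red", "TLS handshake failed: %s" % exc
    except OSError as exc:
        return "red", "cannot connect to %s:%d: %s" % (host, port, exc)
    days = days_left(cert["notAfter"])
    return colour(days), "expires %s (%d days)" % (cert["notAfter"], days)


if __name__ == "__main__":
    import sys
    print(*check_ldaps(sys.argv[1]))
```

Run it with the LDAP server's hostname as the only argument; a connection error here means nothing is listening with direct TLS on the assumed port, which is the case where only the starttls method applies.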