Cisco Secure ACS and SSL LDAP

Discussion in 'Cisco' started by Silvio Arcangeli, Oct 21, 2003.

  1. Hi everybody,
    sorry if I post again on this topic. I discovered some new things about this
    issue, and I saw that previous threads on the same topic had no follow-ups,
    so I thought someone could be interested in it.

    I'm setting up a Cisco ACS server to perform authentications against a Java
    LDAP server. I managed to correctly configure ACS (clear-text
    authentications on port 389 are working fine), and to correctly configure my
    LDAP server (SSL connections from Java clients are working fine).
    I managed to build a cert7.db file (through an old version of Mozilla),
    containing the certificate used by the LDAP server.
    But still it seems that ACS is not able to connect to the LDAP through SSL.

    So I went on, and through the SSLTAP tool contained in the NSS library I
    tracked the SSL traffic between ACS and the LDAP server.

    What I got was this log:
    http://www.narni.it/silvio/cisco/sslLogNOK.html

    I also tracked a correct handshaking (with a Java client), and the log was
    this one:
    http://www.narni.it/silvio/cisco/sslLogOK.html

    I don't know much about SSL... but from what I could understand I'm starting
    to doubt that the problem is that ACS and the Java LDAP server have no
    common encryption algorithms.
    Is there anyone who can confirm this doubt or explain what happens?

    thank you very much,
    Silvio Arcangeli
     
    Silvio Arcangeli, Oct 21, 2003
    #1
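
The check the post is asking about, whether the client's ClientHello offers any cipher suite the server has enabled, as an added example that is not part of the original post. It assumes an SSLv3/TLS record-format ClientHello (an SSLv2-compatible hello is not handled); the sample record, the server suite set and all function names are constructed for illustration.

```python
import struct

# Subset of IANA cipher suite names, enough for the constructed sample below.
SUITE_NAMES = {
    0x0004: "TLS_RSA_WITH_RC4_128_MD5",
    0x0005: "TLS_RSA_WITH_RC4_128_SHA",
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x0013: "TLS_DHE_DSS_WITH_3DES_EDE_CBC_SHA",
    0x0032: "TLS_DHE_DSS_WITH_AES_128_CBC_SHA",
}

def client_hello_suites(record):
    """Return the cipher suite IDs offered in an SSLv3/TLS ClientHello record."""
    try:
        ctype, _version, rec_len = struct.unpack_from("!BHH", record, 0)
        body = record[5:5 + rec_len]
        if ctype != 22 or len(body) != rec_len or body[0] != 1:
            raise ValueError("not a complete SSLv3/TLS ClientHello record")
        hello = body[4:4 + int.from_bytes(body[1:4], "big")]
        pos = 2 + 32                       # skip client_version and random
        pos += 1 + hello[pos]              # skip session_id
        (cs_len,) = struct.unpack_from("!H", hello, pos)
        raw = hello[pos + 2:pos + 2 + cs_len]
    except (IndexError, struct.error):
        raise ValueError("truncated ClientHello") from None
    if cs_len % 2 or len(raw) != cs_len:
        raise ValueError("malformed cipher_suites vector")
    return [int.from_bytes(raw[i:i + 2], "big") for i in range(0, cs_len, 2)]

def common_suites(record, server_enabled):
    """Suites both sides support, in the client's preference order."""
    return [s for s in client_hello_suites(record) if s in server_enabled]

def build_hello(suites):
    """Build a ClientHello record for testing (constructed, not a real capture)."""
    cs = b"".join(s.to_bytes(2, "big") for s in suites)
    hello = (b"\x03\x00" + bytes(32) + b"\x00"          # version, random, no session
             + len(cs).to_bytes(2, "big") + cs + b"\x01\x00")  # suites, null compression
    hs = b"\x01" + len(hello).to_bytes(3, "big") + hello
    return b"\x16\x03\x00" + len(hs).to_bytes(2, "big") + hs

if __name__ == "__main__":
    sample = build_hello([0x0004, 0x0005, 0x000A])      # constructed client offer
    server = {0x0013, 0x0032}                           # constructed server set
    print("client offers:", [SUITE_NAMES.get(s, hex(s)) for s in client_hello_suites(sample)])
    print("in common:", common_suites(sample, server) or "none, handshake will fail")
```

An empty result means the server has nothing to select and answers the ClientHello with a handshake failure alert instead of a ServerHello.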