<html xmlns:v="urn:schemas-microsoft-com:vml" xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:Helvetica;
panose-1:2 11 6 4 2 2 2 2 2 4;}
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0cm;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
p.msonormal0, li.msonormal0, div.msonormal0
{mso-style-name:msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.yiv6055996592msonormal, li.yiv6055996592msonormal, div.yiv6055996592msonormal
{mso-style-name:yiv6055996592msonormal;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
p.yiv6055996592msochpdefault, li.yiv6055996592msochpdefault, div.yiv6055996592msochpdefault
{mso-style-name:yiv6055996592msochpdefault;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Times New Roman",serif;}
span.yiv6055996592msohyperlink
{mso-style-name:yiv6055996592msohyperlink;}
span.yiv6055996592msohyperlinkfollowed
{mso-style-name:yiv6055996592msohyperlinkfollowed;}
span.yiv6055996592emailstyle17
{mso-style-name:yiv6055996592emailstyle17;}
p.yiv6055996592msonormal1, li.yiv6055996592msonormal1, div.yiv6055996592msonormal1
{mso-style-name:yiv6055996592msonormal1;
margin:0cm;
margin-bottom:.0001pt;
font-size:11.0pt;
font-family:"Calibri",sans-serif;}
span.yiv6055996592msohyperlink1
{mso-style-name:yiv6055996592msohyperlink1;
color:#0563C1;
text-decoration:underline;}
span.yiv6055996592msohyperlinkfollowed1
{mso-style-name:yiv6055996592msohyperlinkfollowed1;
color:#954F72;
text-decoration:underline;}
span.yiv6055996592emailstyle171
{mso-style-name:yiv6055996592emailstyle171;
font-family:"Calibri",sans-serif;
color:windowtext;}
p.yiv6055996592msochpdefault1, li.yiv6055996592msochpdefault1, div.yiv6055996592msochpdefault1
{mso-style-name:yiv6055996592msochpdefault1;
mso-margin-top-alt:auto;
margin-right:0cm;
mso-margin-bottom-alt:auto;
margin-left:0cm;
font-size:12.0pt;
font-family:"Calibri",sans-serif;}
span.EmailStyle28
{mso-style-type:personal-reply;
font-family:"Calibri",sans-serif;
color:#1F497D;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:612.0pt 792.0pt;
margin:72.0pt 72.0pt 72.0pt 72.0pt;}
div.WordSection1
{page:WordSection1;}
--></style><!--[if gte mso 9]><xml>
<o:shapedefaults v:ext="edit" spidmax="1026" />
</xml><![endif]--><!--[if gte mso 9]><xml>
<o:shapelayout v:ext="edit">
<o:idmap v:ext="edit" data="1" />
</o:shapelayout></xml><![endif]-->
</head>
<body lang="EN-CA" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">I know SSL works because I’ve tested connectivity on the server, I can connect and do a query no problems through ssl. But when I
“activate” SSL on the app it still falls back to 389. This is just for the app.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US">IS there maybe somewhere else within the app that is making that call to LDAPS/LDAP.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:"Calibri",sans-serif;color:#1F497D;mso-fareast-language:EN-US"><o:p> </o:p></span></p>
<div>
<div style="border:none;border-top:solid #E1E1E1 1.0pt;padding:3.0pt 0cm 0cm 0cm">
<p class="MsoNormal"><b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif">From:</span></b><span lang="EN-US" style="font-size:11.0pt;font-family:"Calibri",sans-serif"> zendto-bounces@zend.to [mailto:zendto-bounces@zend.to]
<b>On Behalf Of </b>Jordack<br>
<b>Sent:</b> March-28-16 3:47 PM<br>
<b>To:</b> ZendTo Users <zendto@zend.to><br>
<b>Subject:</b> Re: [ZendTo] AD SSL issues<o:p></o:p></span></p>
</div>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div id="yui_3_16_0_ym18_1_1459193848375_3817">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black">I'm not seeing that. Mine is connecting over 636.<o:p></o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black">Maybe its failing back to cleartext if SSL fails.<o:p></o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black">I know with every system I've setup LDAP on it requires setting the CACert in the ldap.conf file<o:p></o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black">/etc/openldap/ldap.conf<br>
<br>
<o:p></o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black">TLS_CACERT /etc/pki/tls/certs/TrustedRoot2015.pem<br>
<br>
<o:p></o:p></span></p>
</div>
<div id="yui_3_16_0_ym18_1_1459193848375_3818">
<p class="MsoNormal" style="background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="margin-bottom:12.0pt;background:white"><span style="font-size:10.5pt;font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
</div>
<div>
<div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:10.0pt;font-family:"Arial",sans-serif;color:black">On Monday, March 28, 2016 8:11 AM, Brian Novogradac <<a href="mailto:Brian.Novogradac@utoronto.ca">Brian.Novogradac@utoronto.ca</a>> wrote:</span><span style="font-family:"Helvetica",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt;background:white"><span style="font-family:"Helvetica",sans-serif;color:black"><o:p> </o:p></span></p>
<div>
<div id="yiv6055996592">
<div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">Hello,<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">I am having a tough time here hope someone could shed some light. I have no problem using the application via AD unencrypted 389. I go to activate using
SSL protocol by changing 'authLDAPUseSSL1' => true.<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">After a bunch of digging and troubleshooting the application is still trying to use port 389 instead of 636.
<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">Any help appreciated<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black"> <o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">Brian Novogradac<br>
<span style="background:white">System Analyst, Computing Services (I&ITS)</span><br>
<br>
University of Toronto at Mississauga<br>
3359 Mississauga Road N.<br>
Mississauga, Ontario, L5L 1C6<br>
<br>
(P) 416-435-2543<br>
(F) 905-569-4343<br>
(E) </span><span style="font-family:"Helvetica",sans-serif;color:#4472C4"><a href="mailto:brian.novogradac@utoronto.ca" target="_blank"><span style="color:#4472C4">brian.novogradac@utoronto.ca</span></a></span><span style="font-family:"Helvetica",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black">(W)
</span><span style="font-family:"Helvetica",sans-serif;color:#4472C4"><a href="http://www.utm.utoronto.ca/iits" target="_blank"><span style="color:#4472C4">www.utm.utoronto.ca/iits</span></a></span><span style="font-family:"Helvetica",sans-serif;color:black"><br>
<br>
</span><span style="font-size:10.0pt;font-family:"Helvetica",sans-serif;color:black">This E-mail contains privileged and confidential information intended only for the individual or entity named in the message. If the reader of this message is not the intended
recipient, or the agent responsible to deliver it to the intended recipient, you are hereby notified that any review, dissemination, distribution or copying of this communication is prohibited. If this communication was received in error, please notify the
sender by reply E-mail immediately, and delete and destroy the original message.</span><span style="font-family:"Helvetica",sans-serif;color:black"><o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-family:"Helvetica",sans-serif;color:black"> <o:p></o:p></span></p>
</div>
</div>
</div>
</div>
<p class="MsoNormal" style="margin-bottom:12.0pt;background:white"><span style="font-family:"Helvetica",sans-serif;color:black"><br>
_______________________________________________<br>
ZendTo mailing list<br>
<a href="mailto:ZendTo@zend.to">ZendTo@zend.to</a><br>
<a href="http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto" target="_blank">http://mailman.ecs.soton.ac.uk/mailman/listinfo/zendto</a><o:p></o:p></span></p>
</div>
</div>
</div>
</div>
</div>
</div>
</body>
</html>