Project

General

Profile

Actions

Bug #14943

closed

Authentication server LDAPs Unknown CA

Added by Marcelo Cury about 1 year ago. Updated about 1 year ago.

Status:
Not a Bug
Priority:
Low
Assignee:
-
Category:
Authentication
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Release Notes:
Default
Affected Plus Version:
23.05.1
Affected Architecture:
4100

Description

Found that if you configure an authentication server without authentication (Standard TCP 389), and after that you change the configuration to SSL/TLS encrypted, connection works but you get a Unknown CA after a while.
Unknown CA message comes from pfSense's IP address.

Found this capturing packets on port 636 from the firewall to the LDAP server (samba-ad).


To solve this, you have to delete the authentication server completely, and recreate it again using the TLS/SSL 636 option, with the same settings.


Files

Actions #1

Updated by Marcelo Cury about 1 year ago

Weird, it seems that this only happens in the Dashboard.
Even when I remove the authentication server entirely and recreate it, the problem still happens, but only in the Dashboard.

Logs:

Actions #2

Updated by Marcelo Cury about 1 year ago

Fixed by connecting to the console and ran menu options 16 then 11 as suggested in https://docs.netgate.com/pfsense/en/latest/troubleshooting/authentication.html

Kindly go ahead and close this bug report.

Thanks pfSense team.

Actions #3

Updated by Jim Pingle about 1 year ago

  • Status changed from New to Not a Bug
Actions

Also available in: Atom PDF