RHEL5 to Windows CA, Apache2/LDAP BINDing
I'm trying to establish an LDAP over SSL connection to a Windows SBS 2003 server for domain authentication within an Apache server, so that when browsers connect to the Apache pages they have to enter a domain password/account.
I have the basic LDAP client authentication and binding working, but not over SSL.
I've tested LDAP(ssl) from a PC client to the server and that works ok.
I know from Wireshark traces that the bind is failing, because of an "Unknown CA" error showing in the capture. This should be because the SBS server is self-signed, and the RHEL5 won't have the Root CA listed as an authority anywhere.
So I know I need to add the Root CA to the RHEL5 server somewhere, but I'm not sure where. As this involves Apache and ApacheLDAP modules, where does it go? Or is there a more generic place that RHEL5 stores root certs (like Windows does in the registry)?
After I get that working, then I'll need to add a certificate to Apache (signed by the SBS Root CA) so that the Browser <> RHEL5 Apache connection can also be done over SSL, securing the whole path. But one problem at a time...
Any help appreciated.
There's no Samba config implemented for this yet, and I hope I don't have to...