SYSTEM WARNING: 'file_get_contents(): SSL: Connection reset by peer' in '/var/www/virtual/newwrapper/cf_topmenu.inc' line 5

SYSTEM WARNING: 'file_get_contents(): Failed to enable crypto' in '/var/www/virtual/newwrapper/cf_topmenu.inc' line 5

SYSTEM WARNING: 'file_get_contents(https://www.clearos.com/?rendertype=json&get=header): failed to open stream: operation failed' in '/var/www/virtual/newwrapper/cf_topmenu.inc' line 5

ClearOS Bug Tracker


View Issue Details Jump to Notes ] Issue History ] Print ]
IDProjectCategoryView StatusDate SubmittedLast Update
0021751ClearOSapp-openldap-directory - Directory Serverpublic2018-10-09 09:362019-07-24 15:14
ReporterNickH 
Assigned ToNickH 
PrioritynormalSeverityfeatureReproducibilityalways
StatusclosedResolutionsuspended 
PlatformOSOS Version
Product Version7.5.0 
Target VersionFixed in Version 
Summary0021751: Allow publish policies to optionally include ldap://
DescriptionFrom time to time we get customer requests to have slapd listen on port 389. If we publish a policy we only allow slapd to listen on ldaps:// (tcp:636). There are two ways round this.
1 - edit /etc/sysconfig/slapd and use a custom policy
2 - edit the unit file /usr/libexec/openldap/prestart.sh

1 has the advantage that it will survive any openldap upgrade and the disadvantage that, if you specify a LAN IP such as ldaps://192.168.0.1, [^] then if your LAN IP changes, slapd will refuse to start. It also taked you outside the webconfig as "custom" is not an available option there.
2 had the advantages that it will survive a LAN IP change and does not go outside the webconfig, and the disadvantage that it may get overwritten by an openldap update.

I don't believe it will be too difficult to add a couple more options to the webconfig something like:
    Local Networks (without SSL)
    All Networks (without SSL)

and make the necessary adjustments to /usr/libexec/openldap/prestart.sh
TagsNo tags attached.
Attached Files

- Relationships

-  Notes
(0008131)
NickH (developer)
2018-10-09 10:46

Just clarifying, if you add ldap:// options, if they are selected they should also publish ldaps:// rather than do it instead of.
(0012241)
NickH (developer)
2019-07-24 15:14

Migrated to https://gitlab.com/clearos/clearfoundation/app-openldap/issues/7 [^]

- Issue History
Date Modified Username Field Change
2018-10-09 09:36 NickH New Issue
2018-10-09 09:40 user2 Status new => confirmed
2018-10-09 09:41 user2 Product Version 7.5.0 Updates => 7.5.0
2018-10-09 10:46 NickH Note Added: 0008131
2019-07-24 15:14 NickH Note Added: 0012241
2019-07-24 15:14 NickH Status confirmed => closed
2019-07-24 15:14 NickH Assigned To => NickH
2019-07-24 15:14 NickH Resolution open => suspended

SYSTEM WARNING: 'file_get_contents(https://www.clearos.com/?rendertype=json&get=footer): failed to open stream: Connection refused' in '/var/www/virtual/newwrapper/cf_footer.inc' line 7