Dann ist es im \u00fcbrigen auch auf der pfSense einstellbar, dass es Wurst sein soll, dass das LDAP-Zertifikat auf dem LD-Server self signed ist. Hauptsache das Zertifikat in Richtung Internet ist sauber (z.B. Let’sEncrypt-Certificate mit ACME Plugin f\u00fcr pfSense), damit sich z.B. ein Moodle verbinden kann.<\/p>\n Tools zum Debuggen: tcpdump<\/a>, Apache directory Studio<\/a><\/p>\n","protected":false},"excerpt":{"rendered":" Situation: LDAPs Verbindungen sollen via pfSense und dem dortigen HAProxy an den LD-Server ge-proxied werden, um mehr Kontrolle \u00fcber die zul\u00e4ssigen LDAP-Hosts zu haben als mit plain LD-Server. Problem: Obwohl die LDAPs Verbindung vom Client via pfSense und HAProxy zum lokalen LDAP-Server klappt, geht keine Antwort vom LDAP-Server nach Au\u00dfen. L\u00f6sung: TLS1.3 verbieten – mit […]<\/p>\n","protected":false},"author":2,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[5,19,10],"tags":[468,489,628],"class_list":["post-5719","post","type-post","status-publish","format-standard","hentry","category-linux","category-paedml","category-schule","tag-ldap","tag-logodidact","tag-pfsense"],"_links":{"self":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5719","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/users\/2"}],"replies":[{"embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=5719"}],"version-history":[{"count":8,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5719\/revisions"}],"predecessor-version":[{"id":5728,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=\/wp\/v2\/posts\/5719\/revisions\/5728"}],"wp:attachment":[{"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=5719"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=5719"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.bdjl.de\/localhost\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=5719"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}![\"\"](\"https:\/\/www.bdjl.de\/localhost\/wp-content\/uploads\/2023\/04\/haproxy-frontend-ldaps.png\")
<\/a><\/p>\n