Python LDAP:不支持签名算法

$ ldapsearch -H ldaps://xxx.xxx.gov/ -b "OU=xxx" -x -d1 ldap_url_parse_ext(ldaps://xxx.xxx.gov/) ldap_create ldap_url_parse_ext(ldaps://xxx.xxx.gov:636/??base) ldap_sasl_bind ldap_send_initial_request ldap_new_connection 1 1 0 ldap_int_open_connection ldap_connect_to_host: TCP xxx.xxx.gov:636 ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 128.219.164.41:636 ldap_pvt_connect: fd: 3 tm: -1 async: 0 TLS: can't connect: The signature algorithm is not supported.. ldap_err2string ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

2条回答

网友

1楼 · 编辑于 2024-05-29 07:52:51

太奇怪了，从今天开始我也有同样的问题。我更新了我的ubuntu14.04，从那以后，我无法用PHP连接到LDAP服务器。在

经过几次挖掘，我和你在ldapsearch中犯了同样的错误：

ldapsearch -H ldaps://172.22.5.52/ -b "OU=XXX" -x -d5
ldap_url_parse_ext(ldaps://172.22.5.52/)
ldap_create
ldap_url_parse_ext(ldaps://172.22.5.52:636/??base)
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 172.22.5.52:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 172.22.5.52:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
TLS: can't connect: The signature algorithm is not supported..
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

你的帖子让我觉得包裹好像坏了。。。在

网友

2楼 · 编辑于 2024-05-29 07:52:51

这是一个LDAP（gnutls）问题，而不是python。 gnutls26安全更新禁用了md5支持。要检查服务器是否使用md5证书，请运行：

openssl s_client -showcerts -connect xxx.xxx.xx:636 < /dev/null |  openssl x509 -noout -text > cert.txt

$ cat cert.txt | grep -i signature
Signature Algorithm: md5WithRSAEncryption
Signature Algorithm: md5WithRSAEncryption

同时，解决方案正在降级gnutls26或更改（如果可以的话）LDAP服务器提供的证书。在

相关问题更多 >

编程相关推荐

热门问题

热门文章