Search the Community
Showing results for tags 'ssl'.
Found 2 results
Hello everybody, I suddently have a problem with one of my Plastic SCM client on Windows. Everything worked well, but since last week I can't connect to my Plastic server anymore. Nothing changes in server config nor in my client config, but now I've got this message "The remote certificate is not valid according to the validation procedure" (see attached picture). The server has an attached domain with a valid, not expirated, certificate. But, as my client is on the same network as the server and as my box can't do loopback (domain name pointing to itself) I have an entry in my client host file to redirect domain name to local server IP address. This worked for more than 3 years without problem. The only thing that happened last week is that I used my PC out of office, so I removed the redirect line in my client host file in order to do my commit through "real" internet. This also worked properly. But a few hours later when I restarted Plastic from my office again (with local host redirection), it began to display the error message. Server and clients were in version 188.8.131.5204, I updated my Windows client to 184.108.40.20668 but the problem did not disappear. Two other clients (on Mac) don't suffer from the problem and continu to reach the server without problem, locally or through internet. So my question is : is there a kind of certificate cache on Windows client ? ... Perhaps wrong data was cached when I came back to my office. I tried to clear windows ssl state in "internet options" but it had no effect. Any idea ?
I'd like to setup Plastic to use LDAP authentication with SSL, connecting to Novell's eDirectory. There seem to be several issues with this. First, I can't seem to get Plastic to connect using SSL to any LDAP (tried both the LDAP interface to Active Directory as well as eDirectory). Are SSL connections not supported? Trying to bind to LDAP while sending credentials information across the network unencrypted simply won't work anywhere where security is a priority. Second, it seems that Plastic's implementation of "pure" LDAP is maybe lacking? I'm not sure. Does plastic truly support LDAP, or just the LDAP interface to Active Directory? On the configuration wizard for LDAP, I enter the host and domain for the eDirectory server. I then have tried several different ways of specifying the user, all to no avail. My normal user id in order to bind would be fully qualified, such as "uid=username,ou=orgunit,dc=subdomain,dc=topleveldomain". There simply seems no way for me to be able to get the "Test Connection" button to work. The response it gives is unhelpful, telling me the username, password, or domain is incorrect. I know the user and password are correct because I can bind using those credentials through an LDAP explorer. The thing I'm not so sure about is the domain. I've tried several different strings in that box, all to no avail. I've tried the host name, the "subdmian.topdomain", the "dc=subdomain,dc=topdomain" syntax, I even tried including the ou in that as well, all to no avail. What am I missing here? 1) Does Plastic support connecting to LDAP over SSL? 2) Does Plastic support connecting to Novell's eDirectory? If so, how does one go about doing that? I have no problems connecting using other tools. As an aside...would the developers of Plastic ever consider adding a plugin/extension capability for authentication? Many other unrelated products (such as Jira) do this, just defining an interface and allowing customer to implement their own mechanism. It would be nice, for example, to simply write a quick and dirty plugin that just forwards the credentials specified to our federated SSO provider.