CRLDP using http URL base??

Hi,

what does mean ID325296 ?

I'm facing the ame issue.

thanks

Hi guys,

I'm looking for a bit of guidance on how to setup a CRLDP AAA server to use HTTP as I just can't seem to get it right. We are running 11.4.1 HF3 and I have the following options configured for the CRLDP server:

Server Connection: I've specified "Pool" as "Direct" doesn't seem to save the IP address I specify. Service Port: 80 HTTP BaseDN: http://server.mydomain.com/CRL/company_issuing_ca_certification_authorities_group_dc_com_crlfile.crl Cache Timeout: 86400 Use Issuer: Unticked Allow Null CRL: Unticked Verify Signature: Enabled Connection Timeout: 15 seconds Update Interval: 0 seconds

The error I'm getting in the APM log files is as follows:

May 10 17:17:02 F5APMDEVICE debug apd[19971]: 01490000:7: modules/Authentication/Crldp/CrldpAuthModule.cpp func: "setCrldpResponseStatus()" line: 795 Msg: Crldp Response Status: Bad HTTP response status May 10 17:17:02 F5APMDEVICE warning apd[19971]: 0149015e:4: abcf0b23: CRLDP Auth agent: CRL lookup failed for LDAP url 'http://server.mydomain.com/CRL/company_issuing_ca_certification_authorities_group_dc_com_crlfile.crl' reason 'Bad HTTP response status' May 10 17:17:02 F5APMDEVICE warning apd[19971]: 01490148:4: abcf0b23: CRLDP Auth agent: Failure status 'Bad HTTP response status' May 10 17:17:02 F5APMDEVICE debug apd[19971]: 01490012:7: abcf0b23: CRLDP agent: LEAVE Function executeInstance

The LDAP error seems to suggest it isn't actually attempting to connect to the distribution point via HTTP. Where am I going wrong here?

Thanks

Peter

Hi, FYI this feature is in 11.5.X and later. In the CRLDP Auth object set to "No Server", which ignores LDAP DP's and will only use HTTP DP's.