LDAP initialization error: Connection reset by peer
Concerned version
Version: %2.0.6
Platform: (Apache)
Summary
Summarize the bug encountered concisely
I'm using Lemonldap version 1.9.18 in production and I'm installing the new version in pre-production. I'm using the same Active Directory for the old and the new platform. With a fresh install with AD authentication I have an error on the portal page:
Unable to protect this server (Lemonldap::NG::Common::Conf::Backends::File loaded. Configuration unchanged, get configuration from cache.)
In the log I can see an AD authentication error, and on my AD server I have this error:
Une demande de connexion TLS 1.2 a été reçue à partir d’une application cliente distante, mais aucune des suites de chiffrement prises en charge par l’application cliente n’est prise en charge par le serveur. La demande de connexion SSL a échoué.
I can find information on Google about 512 certificate:
https://blogs.technet.microsoft.com/silvana/2014/03/14/schannel-errors-on-scom-agent/
But after applying the Microsoft patch I have the same error for AD authentication.
Logs
==> /var/log/apache2/error.log <==
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Logger Lemonldap::NG::Common::Logger::Std loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] User logger Lemonldap::NG::Common::Logger::Std loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Check configuration for Lemonldap::NG::Handler::PSGI::Main
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Get configuration 7
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [info] Loading configuration 7 for process 7287
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls defaultValuesInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls jailInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls portalInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls locationRulesInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls sessionStorageInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls headersInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls postUrlInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Process 7287 calls aliasInit
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Launching Lemonldap::NG::Portal::Main->reloadConf(conf)
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Initialized CSP headers : default-src 'self';img-src 'self' data:;style-src 'self';font-src 'self';connect-src 'self';script-src 'self';
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Initialized CORS headers : Access-Control-Allow-Origin;*;Access-Control-Allow-Credentials;true;Access-Control-Allow-Headers;*;Access-Control-Allow-Methods;POST,GET;Access-Control-Expose-Headers;*;Access-Control-Max-Age;86400;
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Main::Menu loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Main::Menu initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Auth::AD loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Lib::OneTimeToken loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] LDAP initialization error: Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] LDAP initialization has failed, but let's continue
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] LDAP Search base: dc=domain,dc=loc
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] LDAP transformed filter: (&(sAMAccountName=".$req->{user}.")(objectClass=person))
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Auth::AD initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::UserDB::AD loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] LDAP initialization error: Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] LDAP initialization has failed, but let's continue
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] LDAP Search base: dc=domain,dc=loc
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] LDAP transformed filter: (&(sAMAccountName=".$req->{user}.")(objectClass=person))
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::UserDB::AD initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::2F::Engines::Default loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking utotp2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking totp2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking u2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking rest2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking mail2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking ext2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking yubikey2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking radius2fActivation
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking totp2fSelfRegistration
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking u2fSelfRegistration
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Checking yubikey2fSelfRegistration
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> not enabled
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Processing Extra 2F modules
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::2F::Engines::Default initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::Notifications loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring unauth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route notifback added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add GET route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route notifback added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route notifback added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Lib::Notifications::JSON loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Found endAuth entry point:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> checkNotifDuringAuth
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::Notifications initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::History loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Found endAuth entry point:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> run
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::History initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::GrantSession loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Found afterData entry point:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> run
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::GrantSession initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::Upgrade loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add GET route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route upgradesession added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route upgradesession added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::Upgrade initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::AutoSignin loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Found beforeAuth entry point:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] -> check
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::AutoSignin initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Plugins::RESTServer loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add GET route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add DELETE route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route : added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add PUT route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route : added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Plugin ::Plugins::RESTServer initializated
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Module Lemonldap::NG::Portal::Password::AD loaded
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] LDAP initialization error: Connection reset by peer
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error]
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] [error]
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring unauth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add GET route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add PUT route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add DELETE route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Declaring auth route
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add GET route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add POST route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add PUT route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] Add DELETE route:
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] route * added
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Underlying object can't load conf (Lemonldap::NG::Portal::Main->reloadConf)
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Unable to protect this server (Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.)
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [warn] [anonymous] Unable to protect this server (Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.)
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [debug] [warn] [anonymous] Unable to protect this server (Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.)
[Tue Oct 8 16:13:42 2019] [LLNG:7287] [error] Error 500: Unable to protect this server (Lemonldap::NG::Common::Conf::Backends::File loaded.
Configuration unchanged, get configuration from cache.)
I'm using this line for the connection: ldaps://xxx.xxx.xx.x
Backends used
For any bug on configuration/sessions storage, give us details on backends
Possible fixes
Thanks for your help, and I hope it's not a misconfiguration. I repeat for information: my production platform with the old stable works without problem with this Domain Controller.
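
One way to check the "no common cipher suite" condition that the AD event describes, run from the host where the portal is installed. This is an added example, not part of the original report or of LemonLDAP::NG; `SAMPLE_SERVER_SUITES` is a constructed list and the function names are hypothetical.

```python
import socket
import ssl

# Constructed sample, NOT taken from the report: IANA code points of suites a
# server might have enabled. Replace with the domain controller's real list.
SAMPLE_SERVER_SUITES = {
    0x000A: "TLS_RSA_WITH_3DES_EDE_CBC_SHA",
    0x002F: "TLS_RSA_WITH_AES_128_CBC_SHA",
    0x0035: "TLS_RSA_WITH_AES_256_CBC_SHA",
}


def client_offer(cipher_string=None):
    """Map IANA code point -> OpenSSL name for suites this host would offer."""
    ctx = ssl.create_default_context()
    if cipher_string:
        ctx.set_ciphers(cipher_string)  # OpenSSL cipher-list syntax
    # The low 16 bits of OpenSSL's cipher id are the IANA code point.
    return {c["id"] & 0xFFFF: c["name"] for c in ctx.get_ciphers()}


def shared_suites(client, server):
    """Sorted code points both sides support; empty means no handshake."""
    return sorted(set(client) & set(server))


def probe(host, port=636, cafile=None, timeout=5.0):
    """Try an LDAPS handshake with verification on; return (ok, detail)."""
    ctx = ssl.create_default_context(cafile=cafile)
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, "%s %s" % (tls.version(), tls.cipher()[0])
    except OSError as exc:  # covers ssl.SSLError and ConnectionResetError
        return False, "%s: %s" % (type(exc).__name__, exc)


if __name__ == "__main__":
    offer = client_offer()
    common = shared_suites(offer, SAMPLE_SERVER_SUITES)
    print("client offers %d suites, shared with sample server: %s"
          % (len(offer), [SAMPLE_SERVER_SUITES[c] for c in common]))
```

Running `probe()` from both the 1.9.18 host and the 2.0.6 host against the same domain controller shows whether the difference lies in the client's TLS stack rather than in the portal configuration.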