04-06-2022 11:29 AM
Our test server has a weird SSL issue on startup that our PROD servers do not have.
They both have basically the same config. What could be causing this? (The server does work as expected)
2022-04-06T14:23:12-0400 [duoauthproxy.lib.log#info] SSL disabled. No server key and certificate configured.
2022-04-06T14:23:12-0400 [duoauthproxy.lib.log#info] Duo Security Authentication Proxy 5.0.2 - Init Complete
04-07-2022 09:33 AM
Hi @Darren_Kemp1 ,
On your test Auth Proxy, I would suggest checking the authproxy.cfg to ensure your SSL settings are correct/match the production server. For instance, if you are using LDAPS for your transport type, please ensure that you have the port and certificates defined for such:
Example:
ssl_port=
ssl_key_path=
ssl_cert_path=
Hope this helps!
04-07-2022 11:53 AM
Hey Pablo!
What’s interesting here is I don’t have any of those set in TEST or PROD. We are just using the proxies to redirect a handful of apps to our 2 AD domains - the ad_client configs are using ldaps and a certfile containing the ROOT CA of the domain servers. These all work fine.
Despite the ssl stuff not configured in either server, only TEST gets that startup error.
04-12-2022 11:45 AM
Hi @Darren_Kemp1, if you are still having trouble with this, I’d recommend reaching out to the Duo Support team for further troubleshooting. They can take a look at your configuration and give you more exact guidance on this!
04-13-2022 02:55 PM
The lines immediately preceding this should give you a hint. Do you maybe have an ldap_server_auto
section on your TEST server which does not have a certificate and keyfile specified for SSL? Is the startup of that LDAP server shown on a line that says LDAP Automatic Factor Server Module Configuration
a few lines before the log excerpt you shared here?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: