Hi everyone!
I have a problem which I am not able to solve by myself. Maybe someone can help.
First of all, UTM Version is 9.005-16, with HTTP Proxy working with AD Authentication. The Domain Controllers are configured to require LDAP signing, the authentication servers UTM are configured to use LDAP over SSL (636). The HTTP Proxy Signing CA and the WebAdmin CA certificates are distributed over GPO on the Domain Controllers (Computer Certificates). HTTP Proxy works fine with these settings.
Now I configured the SMTP Proxy, using recipient verification through AD. But this doesn't work. In SMTP Proxy following message is logged when checking for the recipient:
Warning: ACL "warn" statement skipped: condition test deferred: failed to bind the LDAP connection to server w.x.y.z:636 - ldap_bind() returned -1 .
Corresponding i get on the Domain Controller w.x.y.z logged a Secure Channel Event 36887 (error number 48, TLS1_ALERT_UNKNOWN_CA).
Thinks working fine with SMTP Proxy when I configure authentication servers to use plain LDAP on 389 and the DCs accepting non signed LDAP queries.
So, does anyone else have the problem or better, anyone knows how to configure it right? I think my DCs miss a certificate signed by a CA used by the SMTP Proxy, but which?
Or maybe its a bug?
This thread was automatically locked due to age.
