[horde] Questions on using passwd http driver

[John H. Bennett III]

Quoting Ralf Lang <lang at b1-systems.de>:

> On 30.06.2013 06:09, John H. Bennett III wrote:
>> Hello,
>>
>> A couple of questions in trying to use passwd.
>>
>> I'm trying to use the http driver for passwd to try to enable users on
>> the distro I use, an option to change their password from within the
>> horde framework.  The website needs to use https, not http, does that
>> make a difference with passwd?
>
> It should not.
>
> When I try to change the password, I get
>> this error, "Failure in changing password for HTTP Server: Peer
>> certificate cannot be authenticated with known CA certificates."  I need
>> help in what I can do to further troubleshoot this.
>
> The sending server needs to have the target's ssl certificate installed
> to trust the HTTPS connection. This is similar to situation where a web
> browsers hits a site with an untrusted certificate, only server to server.

The server that I'm trying to use passwd on to change a users password  
is same, that the user logs into, so I would think that it's already  
trusted.

>
> On my test server,
>> I am using a self-signed cert, but I've imported the cert into the
>> trusted root authorities
>
> Of the browser or of the sending server?
>
>
> Out of curiosity: What kind of authentication do the website and horde use?

The website with the password changing page, uses username.  Horde  
also uses username, but appends the realm, via  a hook when loggin..   
So when I go to passwd, I see user at domain, which is another issue that  
I may need to work out later.  I would want to drop the @domain, I  
just haven't found out how.  If passwd was truly uses the user at domain  
piece to try to change the password, then I would expect it to return  
an error on trying to change the password based on the badUser  
eval_results setting.

> Ralf
>
John