Re: SSL problems, certificate missmatch

[Norbert Klasen <norbert.klasen@daasi.de>]

--On Freitag, 12. April 2002 08:30 -0700 Leila Lappin 
<galaxylappin@comcast.net> wrote:

> I'm not passing hostname to ldapsearch becuase I have only the default
> hostnames (localhost.localadmin) setup.  I start the server passing -h
> "ldap:/// ldaps:///" which are supposed to use the default hostname.  So I
> can't see how I'm passing different hostnames.

The -h Parameter to ldapsearch needs to be hostname that is stored in the 
server's certificate. Just using
	ldapsearch -b somebase type=value
will use localhost as the hostname. This is probably not what you have in 
your certificate. Try
	ldapserach -h FQDN -b somebase type=value
where FQDN is the fully qualified domain name of your server.

See also RFC2830.

--
Norbert Klasen, Dipl.-Inform.
DAASI International GmbH                 phone: +49 7071 29 70336
Wilhelmstr. 106                          fax:   +49 7071 29 5114
72074 Tübingen                           email: norbert.klasen@daasi.de
Germany                                  web:   http://www.daasi.de