[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapsearch and TLS

To: Openldap list <openldap-software@OpenLDAP.org>
Subject: Re: ldapsearch and TLS
From: Tony Earnshaw <tonye@billy.demon.nl>
Date: Tue, 16 Mar 2004 08:57:02 +0100
In-reply-to: <ymhllm1d61k.fsf@okocim.cs.ubc.ca>
Organization: Billy
References: <ymhllm1d61k.fsf@okocim.cs.ubc.ca>

tir, 16.03.2004 kl. 00.49 skrev Chris Majewski:

> I'm trying to do an ldapsearch  (or add, or modify, or anything...) on
> a server that's doing TLS. Here's what happens:
> 
> ldapsearch -h localhost -v -Z -D "uid=me,ou=People,o=cs.ubc.ca" -LLL \
>  -b "uid=someonelse,ou=People,o=cs.ubc.ca" 
> ldap_init( localhost, 0 )
> ldap_start_tls: Connect error
> ldap_sasl_interactive_bind_s: Can't contact LDAP server
> 
> Here's  what the  server logs  say (-d  1023). Any  idea  what's going
> wrong? The manpages, as usual,  incorrectly assume that I already know
> what I'm doing. 

The certificate info doesn't look right. You should be seeing the
issuer, subject and cert details (use log level -d -1). Have you made
.der format certs, by any chance? They must be .pem format.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl

Follow-Ups:
- Re: ldapsearch and TLS
  - From: Chris Majewski <majewski@cs.ubc.ca>

References:
- ldapsearch and TLS
  - From: Chris Majewski <majewski@cs.ubc.ca>

Prev by Date: replication between different ldap versions
Next by Date: Re: Upgrade steps from 2.1.x to 2.2.x
Index(es):
- Chronological
- Thread