Re: My OpenLDAP doesn't listen to port 636 ...



Calvin Liu writes:
> ldapsearch ... -h marathon ...

I don't know much about certificates, but:

The client verifies that the hostname in the server certificate matches
the hostname it connects to.  So the ldapsearch command needs the full
hostname which the certificate contains.  That is, presumably
marathon.prc.sun.com.  At least I *hope* you have a fully qualified
hostname in the certificate...

I think you can get it displayed and possibly verified
with the commands
  openssl x509 -enddate -noout < certificate-file
or by connecting to the server with the
  openssl s_client ...
command.  ('openssl s_client help' displays help.)

> BTW, where can I find more information about OpenLDAP besides the 'Admin
> Guide'?

The manual pages.

LDAP tutorials in general for what to put in LDAP and how to use it.
Google will find them, I don't know which ones are good.

-- 
Hallvard
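
The hostname check described in the message above, as an added example that is not part of the original post and not OpenLDAP's own code: a simplified matcher showing why the short name fails and the fully qualified name passes. The certificate dictionaries are constructed samples in the shape returned by Python's ssl.SSLSocket.getpeercert(); the wildcard certificate and the helper names are assumptions for illustration.

```python
# Added example: simplified TLS server-name check (not OpenLDAP's code).
# Certificates are constructed dicts shaped like ssl.SSLSocket.getpeercert().

def cert_dns_names(cert):
    """Names the client compares against: SAN dNSName entries, or the
    subject commonName when the certificate carries no dNSName SAN."""
    san = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if san:
        return san
    return [v for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]


def _name_match(pattern, host):
    # Compare label by label, case-insensitively, ignoring a trailing dot.
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False          # "marathon" can never equal a 4-label name
    # A wildcard is honoured only as the entire leftmost label and only
    # when at least two further labels follow it.
    if p[0] == "*" and len(p) > 2:
        return bool(h[0]) and p[1:] == h[1:]
    return p == h


def hostname_matches(cert, host):
    return any(_name_match(name, host) for name in cert_dns_names(cert))


def check(cert, host):
    verdict = "ok" if hostname_matches(cert, host) else "MISMATCH"
    return f"{host}: {verdict} (certificate names: {', '.join(cert_dns_names(cert))})"


# Constructed sample: CN holds the fully qualified name, no SAN.
SAMPLE_CERT = {"subject": ((("commonName", "marathon.prc.sun.com"),),)}
# Constructed sample: a dNSName SAN is present, so the CN is not consulted.
WILDCARD_CERT = {
    "subject": ((("commonName", "ignored.example"),),),
    "subjectAltName": (("DNS", "*.prc.sun.com"),),
}

if __name__ == "__main__":
    for name in ("marathon", "marathon.prc.sun.com"):
        print(check(SAMPLE_CERT, name))
```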