
Re: TLS secure connection to an LDAP server



Hello,

> The name of the certificate file has nothing to do,
> you choose the one you want :-)

OK

> The common name of the certificate is the "cn" field
> you enter when you create the certificate
> This name has to be the server's fully qualified
> domain name
> 
OK, thank you.
I know that.

> Then, when you test the SSL connection,
> instead of :
> openssl s_client -connect localhost:636 -showcerts -state -CAfile /path/to/ca.pem
> 
> run this :
> 
> openssl s_client -connect ldap.domain.com:636 -showcerts -state -CAfile /path/to/ca.pem
>
I tested the SSL connection using the command above. As
I said, it did not succeed. :)
It displayed the following:
[user@RHmachine root]# openssl s_client -connect ldap_srv_name.domain.com:636 -showcerts -state -ssl3 -CAfile /path/to/ca.pem
  CONNECTED(00000003)
  SSL_connect:before/connect initialization
  SSL_connect:SSLv3 write client hello A
  SSL3 alert read:fatal:handshake failure
  SSL_connect:failed in SSLv3 read server hello A
  2456:error:14094410:SSL routines:SSL3_READ_BYTES:sslv3 alert handshake failure:s3_pkt.c:1052:SSL alert number 40
  2456:error:1409E0E5:SSL routines:SSL3_WRITE_BYTES:ssl handshake failure:s3_pkt.c:529:

What would you suggest please?



	

	
		