[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS fails

To: quanah@stanford.edu
Subject: Re: TLS fails
From: Jon Roberts <jon@jonanddeb.net>
Date: Wed, 15 Feb 2006 16:40:09 -0700
Cc: OpenLDAP-software@OpenLDAP.org
In-reply-to: <200602151510.35269.quanah@stanford.edu>
References: <CD63D77DEEDC734F90321A017D5E74D1020CE2@vpmiexc01.callnetcanada.com> <200602151510.35269.quanah@stanford.edu>
User-agent: Mozilla Thunderbird 1.0.6-1.1.fc4 (X11/20050720)

Quanah Gibson-Mount wrote:

On Wednesday 15 February 2006 14:23, Ran Li wrote:
The funny thing is, TLS works fine from a remote host, but not on the
server itself. I tried changing localhost to the actual DNS name of the
server, but still I get the same error.
is the ldap server a ldap client? my understanding is it has to be a
ldap client in order to make ldapsearch over tls work.
You have to use the name in your search that matches the name in the certificate for TLS to work.

In JLDAP clients I can connect to a remote ldaps server by using the ip address as hostname, even though I obviously did not use the ip as the name in the certificate. Is that advice specific to ldapsearch, StartTLS, or something else I might be confused about?

Jon Roberts
www.mentata.com

Follow-Ups:
- Re: TLS fails
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

References:
- RE: TLS fails
  - From: "Ran Li" <Ran.Li@rti.rogers.com>
- Re: TLS fails
  - From: Quanah Gibson-Mount <quanah@stanford.edu>

Prev by Date: Re: newbie still: ldapdelete: why won't it.
Next by Date: Re: TLS fails
Index(es):
- Chronological
- Thread