
Re: backend-meta usage



OK, a couple long shots (I don't really believe these, but they should be quick to try and since you're not working anyway they shouldn't hurt)...

Do TLSCACertificateFile and/or TLSCACertificatePath match TLS_CACERT and/or TLS_CACERTDIR? Can you make them that way?

Can you verify somehow that the ldap.conf you expect to be read is indeed being read? That there's no ~/.ldaprc in the way?

"TLS_REQCERT never" should set the library to its most liberal; it's somewhat surprising that it's still complaining about CA in that case.

On Wed, 24 Jan 2007, Stephen Agar wrote:

I appreciate everyone's advice, I have verified that as the same uid "user
ldap", I CAN connect to the external LDAP server via "ldapwhoami over
ldaps://" but when connecting to localhost and attempting to use the "meta"
definition, it doesn't work.

I don't have a copy of the cacert on the external server, I just have a
self-signed setup on my own openldap box. Do I need to get a copy of their
cacert.pem and configure that in my ldap.conf?

I haven't had a chance to look at the strace/truss output yet, but will post
when I do.

--stephen
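
One way to run the two checks suggested in the reply above, as an added example that is not part of the original thread: compare the slapd.conf CA directives with their ldap.conf counterparts, and list which client configuration sources are actually present. The system ldap.conf path is passed in as an argument because it is build-dependent; the per-user files and environment variables checked are those described in ldap.conf(5), and the sample configs and paths are constructed placeholders.

```shell
#!/bin/sh
# Added example (not from the thread): compare slapd's TLS CA settings with
# the libldap client settings that back-meta uses for its outbound connection.

# Print the value of the last occurrence of directive $2 in file $1.
# Names are matched case-insensitively; comment lines and quotes are dropped.
get_directive() {
    awk -v key="$2" '
        /^[ \t]*#/ { next }
        tolower($1) == tolower(key) { $1 = ""; sub(/^[ \t]+/, ""); gsub(/"/, ""); val = $0 }
        END { if (val != "") print val }
    ' "$1" 2>/dev/null
}

# Compare one server/client pair. Args: slapd_conf ldap_conf server_key client_key
compare_pair() {
    s=$(get_directive "$1" "$3"); c=$(get_directive "$2" "$4")
    if [ "$s" = "$c" ]; then
        echo "MATCH    $3 / $4: ${s:-<unset>}"; return 0
    fi
    echo "MISMATCH $3=${s:-<unset>}  $4=${c:-<unset>}"; return 1
}

# List client config sources that exist: the system file passed as $1, the
# per-user and per-directory ldaprc files, and LDAP* environment overrides.
client_sources() {
    for f in "$1" "$HOME/ldaprc" "$HOME/.ldaprc" ./ldaprc; do
        if [ -f "$f" ]; then echo "file: $f"; fi
    done
    env | grep -E '^LDAP(CONF|RC|NOINIT|TLS_[A-Z_]+)=' | sed 's/^/env:  /' || true
    return 0
}

# Constructed sample configs; every path below is a placeholder.
demo() {
    d=$(mktemp -d)
    printf '%s\n' '# server side' 'TLSCACertificateFile /etc/openldap/cacert.pem' > "$d/slapd.conf"
    printf '%s\n' 'TLS_REQCERT never' 'TLS_CACERT /etc/ssl/other-ca.pem' > "$d/ldap.conf"
    compare_pair "$d/slapd.conf" "$d/ldap.conf" TLSCACertificateFile TLS_CACERT
    compare_pair "$d/slapd.conf" "$d/ldap.conf" TLSCACertificatePath TLS_CACERTDIR
    client_sources "$d/ldap.conf"
    rm -rf "$d"
}
demo || true
```

Run it as the same uid that slapd runs under and from slapd's working directory, since the per-user and per-directory files are resolved relative to both.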