[Date Prev][Date Next] [Chronological] [Thread] [Top]

ldapi -> "Confidentiality required" problem

To: openldap-technical@openldap.org
Subject: ldapi -> "Confidentiality required" problem
From: Gunnar Frenzel <Gunnar_Frenzel@web.de>
Date: Mon, 08 Jun 2009 12:49:01 +0200
User-agent: Thunderbird 2.0.0.21 (Windows/20090302)

Hello,

I've configured openldap (v2.4.16 on FreeBSD 7.2) to listen on ldaps(with self signed certificate) as well as ldapi.


rc.cof:
slapd_enable="YES"
slapd_flags='-h "ldapi:///var/run/openldap/ldapi/ ldaps:///"'
slapd_owner="ldap:ldap"
slapd_sockets="/var/run/openldap/ldapi"


slapd.conf:
database        bdb
suffix          "dc=mydomain,dc=com"
rootdn          "cn=Manager,dc=mydomain,dc=com"
rootpw          password
directory       /var/db/openldap-data
index   objectClass     eq

security ssf=128
TLSCACertificateFile    /usr/local/etc/openldap/ssl/cert.crt
TLSCertificateFile      /usr/local/etc/openldap/ssl/cert.crt
TLSCertificateKeyFile   /usr/local/etc/openldap/ssl/cert.key
TLSVerifyClient         never

Connecting to ldaps (port 636) with clients such as Thunderbird, ApacheDirectory Studio works fine. But when I try to connect via ldapi (port389) from a webmail tool on the same server I always get the error"Confidentiality required" from openldap. I want to connect to ldapi (asit is local on the server) without TLS or other encryption but openldapdoesn't seem to allow that in my configuration. I tried localSSF set to0 which doesn't make any difference...


I'd be thankful for any advice with this issue.

Best regards,
Gunnar

Follow-Ups:
- Re: ldapi -> "Confidentiality required" problem
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: slapcat unable to make ldif file with size > 2GB
Next by Date: Re: Newbie question about ldif
Index(es):
- Chronological
- Thread