slapd + TLS + SAMBA
- To: openldap-technical@openldap.org
- Subject: slapd + TLS + SAMBA
- From: Alessandro Baggi <alessandro.baggi@gmail.com>
- Date: Sun, 02 Aug 2009 11:44:40 +0200
- User-agent: Thunderbird 2.0.0.12 (X11/20080213)
Hi there. I've another problem with TLS slapd and samba.
For each operation with slapd (ldapsearch -x -ZZ, getent, or samba tls
connection) I receive from slapd:
Aug 2 11:31:05 PDC slapd[1709]: connection_read(23): unable to get TLS
client DN, error=49 id=4
What's the problem? My certificate?
Certificate's creation is:
/usr/lib/ssl/misc/CA.pl -newca
openssl req -newkey rsa:1024 -nodes -keyout key.pem -out newreq.pem
/usr/lib/ssl/misc/CA.pl -sign
Another problem: when I start slapd at boot, after slapd startup, samba,
which tries to connect to ldap with tls, cannot connect to slapd and
gives me:
2009/08/01 17:45:15, 10]
lib/ldap_debug_handler.c:samba_ldap_log_print_fn(26)
[LDAP] ldap_parse_extended_result
[2009/08/01 17:45:15, 10]
lib/ldap_debug_handler.c:samba_ldap_log_print_fn(26)
[LDAP] ldap_parse_result
[2009/08/01 17:45:15, 10]
lib/ldap_debug_handler.c:samba_ldap_log_print_fn(26)
[LDAP] ldap_msgfree
[2009/08/01 17:45:15, 10]
lib/ldap_debug_handler.c:samba_ldap_log_print_fn(26)
[LDAP] TLS: can't connect: Error in the push function..
[2009/08/01 17:45:15, 0] lib/smbldap.c:smb_ldap_start_tls(596)
[2009/08/01 17:45:15, 10]
lib/ldap_debug_handler.c:samba_ldap_log_print_fn(26)
[LDAP] ldap_err2string
Failed to issue the StartTLS instruction: Connect error
This happens only if I put TLSClientVerify demand in slapd.conf; if I put
TLSClientVerify never, samba connects to it under TLS without problems.
Another issue is that if I run slapd on startup and run samba after
login with /etc/init.d/samba start, it makes the connection successfully
without error. In the same slapd boot script I added an "ldapsearch -x
-ZZ -d -1" and I receive:
TLS: can't connect: Error in the push function.. the same as samba.
Does anyone have ideas? Is the problem in the certificates?
Thanks in advance
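
A way to check the output of the certificate procedure in the post before pointing slapd or a client at it, given as an added example that is not part of the original message: it confirms that a certificate chains to the CA, that the private key belongs to it, and prints the subject DN the peer will see. Assumptions: the file names, the function names and the throwaway demo PKI are constructed here, `openssl x509 -req` stands in for `CA.pl -sign` so the script runs without CA.pl, and a 2048-bit key is used instead of the post's rsa:1024.

```shell
#!/bin/sh
# Added example (not from the original post): sanity-check a CA / certificate /
# key set of the kind produced by the CA.pl + "openssl req" steps above.

# check_tls_pair CA CERT KEY -> one finding per line; status 0 only if all pass
check_tls_pair() {
    ca=$1; cert=$2; key=$3; rc=0
    # 1. Chain and validity dates: the cert must verify against the trusted CA.
    if openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        echo "chain: ok"
    else
        echo "chain: FAIL"; rc=1
    fi
    # 2. The private key must belong to the certificate (compare public keys).
    cert_pub=$(openssl x509 -in "$cert" -noout -pubkey 2>/dev/null) || cert_pub=
    key_pub=$(openssl pkey -in "$key" -pubout 2>/dev/null) || key_pub=
    if [ -n "$cert_pub" ] && [ "$cert_pub" = "$key_pub" ]; then
        echo "key: ok"
    else
        echo "key: FAIL"; rc=1
    fi
    # 3. Subject DN: the identity the peer extracts from this certificate.
    openssl x509 -in "$cert" -noout -subject 2>/dev/null || rc=1
    return $rc
}

# make_demo_pki DIR -> constructed throwaway CA, a cert it signed, and an
# unrelated self-signed cert (all names and subjects are made up for the demo)
make_demo_pki() {
    ( cd "$1" &&
      openssl req -x509 -newkey rsa:2048 -nodes -keyout ca.key -out ca.pem \
          -subj "/CN=Demo CA (constructed)" -days 2 &&
      openssl req -newkey rsa:2048 -nodes -keyout key.pem -out newreq.pem \
          -subj "/CN=pdc.example.test" &&
      openssl x509 -req -in newreq.pem -CA ca.pem -CAkey ca.key \
          -CAcreateserial -out newcert.pem -days 1 &&
      openssl req -x509 -newkey rsa:2048 -nodes -keyout other.key \
          -out other.pem -subj "/CN=unrelated.example.test" -days 1
    ) >/dev/null 2>&1
}

demo_dir=$(mktemp -d) && make_demo_pki "$demo_dir" && {
    # Cert signed by the demo CA, with its own key: both checks pass.
    check_tls_pair "$demo_dir/ca.pem" "$demo_dir/newcert.pem" "$demo_dir/key.pem"
    # Unrelated cert with the wrong key: both checks report FAIL.
    check_tls_pair "$demo_dir/ca.pem" "$demo_dir/other.pem" "$demo_dir/key.pem" || true
}
rm -rf "$demo_dir"
```

To check real files, call `check_tls_pair` with the CA certificate, the signed certificate and its key in that order.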