[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: client authentication using TLS/SASL (ITS#865)



At 09:25 PM 10/29/00 +0000, olaf.schlueter@planet-interkom.de wrote:
>Full_Name: Olaf Schlüter
>Version: 2.0.3
>OS: linux
>URL: ftp://ftp.openldap.org/incoming/
>Submission from: (NULL) (62.180.174.144)
>
>
>I am trying to figure out how SASL authentication based on TLS client
>authentication 
>(EXTERNAL) is supposed to work. I found .ldaprc configuration directives
>(TLS_CERT, TLS_KEY)
>But I am currently stuck in the following situation:
>
>.ldaprc contains path to TLS_CERT, TLS_KEY, slapd has appropiate
>TLSCertificateFile etc.
>
>The call 
>ldapsearch -ZZ 

try ldapsearch -x -ZZ -s base -b "" supportedSASLMechanisms

If "EXTERNAL" is listed as a value, try:

ldapsearch -Y EXTERNAL -ZZ -s base -b "" supportedSASLMechanisms

>results in
>ldap_sasl_interactive_bind_s: unknown authentication method
>
>and logs and debug output indicates that the client does not now how to deal
>with external.