
Problems with SASL and TLS



Hi, I'm currently trying to implement some form of secure replication using OpenLDAP.

I have successfully configured SLAPD to use TLS with a self-signed certificate. I basically used the OpenSSL description of creating a self-signed certificate for Apache. However, when I try to connect to it with SLURPD, it fails. I verified that it works with other clients, however. Is this the idea behind TLS=[critical|yes]? I don't see how SLURPD would accept this certificate. I did try to use the same certificate on both of the servers, but this didn't help. Is this correct?

The second idea I had was using SASL and SLURPD. Again, I have tried to implement this, but to no avail. I did find an Admin guide explaining SASL, but I found it pretty difficult to use. Also, when I went to the OpenLDAP web site, it didn't seem to be there. I'm sure there was an item 11 (some sort of Spinal Tap reference here).

All I would be after is a slapd.conf file(s) that works in either of the ways I've described above.