[Date Prev][Date Next]
Re: Problem with connecting to ldaps
At 06:45 AM 6/12/2001, Jean-Christian Hassler wrote:
>> On Thu, 7 Jun 2001, Kurt D. Zeilenga wrote:
>> > At 01:53 AM 6/6/2001, Grzegorz Filip wrote:
>> > >
>> > >ldapsearch -H <ldaps:///>ldaps:/// -x -b"" objectclass=*
>> > >I get message "can't contact LDAP server"
>> > >What could caused that problem ?
>> > Certificate checks. The name used by the client to locate
>> > the server needs to be the name in the certificate returned
>> > by the server.
I don't recommend creating certificates for "localhost".
I recommend using a fully-qualified domain name in the
certificate and client.
>> Thank you! I have been struggling with this all afternoon. I am
>> testing on the same machine that's running slapd, but my cert was
>> created with the fully-qualified host name. I created a "localhost"
>> cert and both SSL and TLS simple/anonymous binds are working now.
>I have exactly the same problem but I can't manage to create a valid
>"localhost" certificate, can you give me more detail on you certificate?
>Here are the information I gave my certificate :
>Country Name (2 letter code) [AU]:FR
>State or Province Name (full name) [Some-State]:.
>Locality Name (eg, city) :Lyon
>Organization Name (eg, company) [Internet Widgits Pty Ltd]:Hexaflux
>Organizational Unit Name (eg, section) :SERD
>Common Name (eg, YOUR name) :localhost
>Email Address :firstname.lastname@example.org