[Date Prev][Date Next]
Re: openldap SSL/TLS problem
"Kurt D. Zeilenga" wrote:
> At 02:43 AM 2001-08-30, Jehan PROCACCIA wrote:
> >Here's my problem:
> >$ ldapsearch -Z -H "ldaps://mci21056.int-evry.fr" -b "dc=int-evry,dc=fr"
> >ldap_start_tls: Operations error
> > additional info: TLS already started
> >ldap_sasl_interactive_bind_s: Unknown authentication method
> You are trying to run Start TLS over ldaps://. Since you
> already started TLS by using ldaps://, issuing a Start
> TLS command is pointless. Don't use -Z and ldaps://
Truth is that I'am confused with sasl/ssl/tls !?, ldaps means tls ? an
ldapsearch without -x nor -Z defaults to tls ? Any doc on this ?
> Then there appears to be no usable SASL method. Likely
> you haven't completed your SASL configuration yet. Start
> with setting up the sample client/server (or use -x to
> use simple bind).
I did nothing about sasl, I thought that using ssl was a alternative to
sasl !? do I need to configure something about sasl in slapd.conf, have
a sample file ?
anyway the search works fine with ldapsearch -x, but I want to run a
secure ldap transaction ...
Institut National des Telecommunications| Email:
MCI, Moyens Communs Informatiques | Tel : +33 (0) 160764436
9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321