[Date Prev][Date Next]
Re: openldap SSL/TLS problem
At 09:33 AM 2001-08-30, Jehan PROCACCIA wrote:
>"Kurt D. Zeilenga" wrote:
>> At 02:43 AM 2001-08-30, Jehan PROCACCIA wrote:
>> >Here's my problem:
>> >$ ldapsearch -Z -H "ldaps://mci21056.int-evry.fr" -b "dc=int-evry,dc=fr"
>> >ldap_start_tls: Operations error
>> > additional info: TLS already started
>> >ldap_sasl_interactive_bind_s: Unknown authentication method
>> You are trying to run Start TLS over ldaps://. Since you
>> already started TLS by using ldaps://, issuing a Start
>> TLS command is pointless. Don't use -Z and ldaps://
>Truth is that I'am confused with sasl/ssl/tls !?, ldaps means tls ?
>an ldapsearch without -x nor -Z defaults to tls ? Any doc on this ?
It reasonable to be confused. This just became a FAQ:
>> Then there appears to be no usable SASL method. Likely
>> you haven't completed your SASL configuration yet. Start
>> with setting up the sample client/server (or use -x to
>> use simple bind).
>I did nothing about sasl,
You implicitly requested use of SASL as you didn't specify -x.
>I thought that using ssl was a alternative to
They generally are viewed as complementary.