Re: SASL/SSL intermittent bind problem
>>>>> "Jason" == Jason Heiss <jheiss@ofb.net> writes:
Jason> I have a Red Hat 7.1 system configured as a Kerberos and
Jason> LDAP server using the RPMs provided by Red Hat. Thus
Jason> OpenLDAP 2.0.11.
Jason> I have a problem where binds using SASL (as opposed to
Jason> simple auth) occasionally fail. This (simple auth, SSL or
Jason> not) always works:
RH's OpenLDAP doesn't seem to have either TLS or SASL... You have to
recompile (or compile from pristine source).
Jason> This (SASL, SSL) fails almost all of the time:
Jason> ldapsearch -H ldaps:/// -b "" -s base -LLL
Jason> supportedSASLMechanisms
Jason> The failure is reported by ldapsearch as:
Jason> ldap_result: Can't contact LDAP server
SSL does work, however... Do you have a (proper) SSL certificate?
Do you have the TLS* entries in the slapd.conf?
TLSCertificateFile /etc/openldap/server.pem
TLSCertificateKeyFile /etc/openldap/server.pem
TLSCACertificateFile /etc/openldap/server.pem
or something similar?
--
Turbo __ _ Debian GNU Unix _IS_ user friendly - it's just
^^^^^ / /(_)_ __ _ ___ __ selective about who its friends are
/ / | | '_ \| | | \ \/ / Debian Certified Linux Developer
_ /// / /__| | | | | |_| |> < Turbo Fredriksson turbo@tripnet.se
\\\/ \____/_|_| |_|\__,_/_/\_\ Stockholm/Sweden