ldaps: not working, RH7.2,OpenLDAP 2.0.21
I've compiled my own OpenLDAP 2.0.21 on RedHat 7.2 with the RPM version of
OpenSSL-0.9.6b-8. I can connect to LDAP just fine using the Start_TLS
method (i.e. with -ZZ on the command line of ldapsearch, connecting to port
389), but I cannot connect to ldaps: (port 636) at all - it simply
says "Can't contact LDAP server" and nothing shows up in the logs.
Telnetting to port 636 shows that there is simply
no service running there - the connection is refused.

The only error I get when slapd starts up is "socket() failed errno=97
(Address family not supported by protocol)". For a while I thought
that was the problem, but I found in the FAQ that that error is just
from not having IPv6 in my kernel and it shouldn't be related.

I don't have a firewall running AFAIK (unless it's something funky that
RedHat does) - no ipchains anywhere, and I compiled my own
kernel without netfilter.

The reason I need ldaps:// instead of just Start_TLS is that I need to use
LDAP with PHP4, which as far as I can tell only supports the ldaps:// method.
If anyone knows of a way to make PHP do Start_TLS then I can be satisfied

If it matters, here was my configure line for OpenLDAP:

./configure --prefix=/usr/local --enable-syslog --enable-cache \
--with-cyrus-sasl --with-tls --enable-wrappers --with-ldbm

I don't think TCP wrappers should be causing any problem, because connects
work fine on port 389. I've also tried both starting slapd without the -h
option, and starting it with "-h ldap:/// ldaps:///".

Anyone have any ideas why slapd isn't accepting connections on port 636?

TIA for any help...
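
Added example, not part of the original message: the telnet check described in the post, generalized to every TCP listener named in a slapd -h URL list, so that "refused" (nothing listening) is told apart from "timeout" (packets dropped, as a filter would do). The function names and the 127.0.0.1 fallback host are assumptions made for this illustration.

```python
import socket
from urllib.parse import urlsplit

DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}  # standard LDAP / LDAP-over-TLS ports


def expected_listeners(h_arg):
    """Parse a slapd -h value (one space-separated string of URLs) into
    (scheme, host, port) tuples; an empty host means all interfaces."""
    listeners = []
    for url in h_arg.split():
        parts = urlsplit(url)
        if parts.scheme not in DEFAULT_PORTS:
            continue  # e.g. ldapi:// is a Unix socket, not a TCP port
        port = parts.port or DEFAULT_PORTS[parts.scheme]
        listeners.append((parts.scheme, parts.hostname or "", port))
    return listeners


def probe(host, port, timeout=2.0):
    """Classify one TCP connect attempt: 'open', 'refused' (no listener),
    'timeout' (no answer at all) or 'error: ...' for anything else."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "timeout"
    except OSError as exc:
        return f"error: {exc}"


def check(h_arg, fallback_host="127.0.0.1"):
    """Probe every TCP listener that the -h value asks slapd to open."""
    results = {}
    for scheme, host, port in expected_listeners(h_arg):
        target = host or fallback_host  # assumption: test from the server itself
        results[f"{scheme}://{target}:{port}"] = probe(target, port)
    return results


if __name__ == "__main__":
    # The URL list from the post, passed as ONE string, as slapd receives -h.
    for url, state in check("ldap:/// ldaps:///").items():
        print(f"{url:32} {state}")
```

Run on the server, an "open" result for port 389 next to "refused" for port 636 reproduces the symptom in the post: the ldaps:// listener was never created.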