[Date Prev][Date Next] [Chronological] [Thread] [Top]

2 queries: SSL connections and an ldapsearch problem

I have installed OpenLDAP 2.0.23 with OpenSSL 0.9.6c on a Solaris 8 Sun

Please bear with me as I'm a beginner who finds LDAP really confusing. I
have two issues, one regarding SSL and the other regarding ldapsearch

I can't get secure connections to the LDAP server to work at all. I
notice that users of the Netscape LDAP SDK have to add an option to the
slapd.conf telling the server where the certificates database is (i.e.
cert7.db). Am I supposed to do something similar with OpenLDAP? In the
slapd debug messages everything looks fine until I get:

SSL_accept:error in SSLv3 read client certificate A

Is this significant or should I ignore it?

I have the following ldapadd statement adding a host to the database:

ldapadd -D cn=Manager,dc=mydomain,dc=com -w 'secret' -f ~/ldif -x

Where ~/ldif contains:

dn: ou=hosts,dc=mydomain,dc=com
objectclass: top
dn: cn=testhost,ou=hosts,dc=mydomain,dc=com
cn: testhost
objectclass: ipHost

This successfully adds the item to the hosts table. However, when I try
and use ldapsearch to find it or anything else, it gives the following

$ ldapsearch -x -s base "objectclass=*" "*"
version: 2

# filter: objectclass=*
# requesting: * 

# search result
search: 2
result: 0 Success

# numResponses: 1

Yet if I use '<ldaproot>/servers/slapd/tools/slapcat' it lists it as

dn: cn=testhost,ou=hosts,dc=mydomain,dc=com
cn: testhost
objectClass: ipHost
creatorsName: cn=Manager,dc=mydomain,dc=com
createTimestamp: 20020221140500Z
modifiersName: cn=Manager,dc=mydomain,dc=com
modifyTimestamp: 20020221140500Z

So am I using ldapsearch incorrectly?

Thanks for reading. Let me know what further information would be


Matt Ross

                                          Software Support Officer
                   Faculty of Engineering and Information Sciences
               University of Hertfordshire, College Lane, Hatfield
                                           Hertfordshire  AL10 9AB
   Phone: +44 (0)1707 286297          E-Mail: m.g.ross@herts.ac.uk
   Fax:   +44 (0)1707 286298      WWW: http://www.mross.co.uk/work