Re: Openldap didn't work with TLS/SSL



Did you specify the FQDN of your LDAP server as 'Common Name', when
creating the certificate?

How do you start your LDAP server? Don't forget to add the URIs for
ldap (-h "ldap://0.0.0.0:389/") and ldaps (-h "ldaps://0.0.0.0:636")
in your start script...

Cheers,
Christian

bhkwan@ThoughtWorks.com wrote:
> 
> Hi,
>       yes, I use OpenSSL 0.9.6c to create the certificate and I signed the
> certificate with my own CA.  I did put ssl on in my ldap.conf ( I also
> tried ssl yes ).
>       I used openssl s_client .... to check the certificate and it is fine.
> 
> thanks
> 
> Barrow
> 
> Christian.Reile@t-online.de
> 04/08/2002 10:46 PM
> To:      bhkwan@ThoughtWorks.com
> cc:
> Subject: Re: Openldap didn't work with TLS/SSL
> 
> Hi,
> 
> did you create a certificate for the LDAP server using openssl and
> specify the path to it in your slapd.conf? Additionally, you
> have to enable SSL ('ssl on') in your ldap.conf?
> 
> Cheers,
> Christian
> 
> bhkwan@ThoughtWorks.com wrote:
> > Does anyone have this working at all?
> >
> > I used that with pam_ldap/nss_ldap ( using ssl start_tls ) but it always
> > fails; one of the messages from OpenLDAP said
> >
> > "TLS trace: SSL_accept:error in SSLv3 read client certificate A"
> >
> > I found a lot of people having the same issue but can't find a GOOD/WORKING
> > solution.
> >
> > any help will be appreciated
> >
> --
> Christian Reile
> Feldstrasse 4
> 85716 Unterschleissheim
> Tel.: +49-89-3106876
> 
> 
> 
> 
> 
-- 
Christian Reile
Feldstrasse 4
85716 Unterschleissheim
Tel.: +49-89-3106876
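
Added example (not part of the original message and not OpenLDAP's own code): a shell check for the first question in the reply above, whether the certificate's Common Name equals the host name that clients use to reach the LDAP server. The host name ldap.example.com, the function names and the sample subject strings are constructed for illustration; only the CN is compared, as in the thread.

```shell
#!/bin/sh
# Compare a certificate's Common Name (CN) with the FQDN that LDAP clients
# are configured to connect to. Function names are hypothetical.

# Extract the CN from an OpenSSL "subject=" line. Handles the old one-line
# form (/C=DE/O=Example/CN=host) and the newer comma-separated form
# (C = DE, O = Example, CN = host).
cn_from_subject() {
    printf '%s\n' "$1" \
        | sed -n 's|^.*CN *= *\([^,/]*\).*$|\1|p' \
        | sed 's| *$||'
}

# Return 0 when the CN equals the expected host name. DNS names are
# case-insensitive, so both sides are lowercased first. A subject with
# no CN at all never matches.
cn_matches_host() {
    cn=$(cn_from_subject "$1" | tr 'A-Z' 'a-z')
    host=$(printf '%s' "$2" | tr 'A-Z' 'a-z')
    [ -n "$cn" ] && [ "$cn" = "$host" ]
}

# Read the subject of a PEM certificate with the openssl CLI and report
# whether its CN matches the host name given as the second argument.
check_cert_file() {
    subject=$(openssl x509 -noout -subject -in "$1") || return 2
    if cn_matches_host "$subject" "$2"; then
        echo "OK: CN matches $2"
    else
        echo "MISMATCH: CN is '$(cn_from_subject "$subject")', clients use '$2'"
        return 1
    fi
}

# Usage: sh check_cn.sh /path/to/server-cert.pem ldap.example.com
if [ "$#" -eq 2 ]; then
    check_cert_file "$1" "$2"
fi
```

Run it against the certificate file named in slapd.conf, with the host name taken from the client's ldap.conf.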