[Date Prev][Date Next]
Re: openldap and SSL with AD
--On Donnerstag, 13. Februar 2003 14:49 +0000 Daniel Barron
I have set up the win2k AD to work with LDAPS on port 636 and I have
tested it to work with an windows ldap browser that works over SSL. So
all that bits done.
But I have no idea how to change the code to make it connect using LDAPS.
I tried ldapsearch with the -ZZ option and -p 636 but all I got was:
ldap_init( 192.168.72.230, 636 )
ldap_start_tls: Can't contact LDAP server
You're mixing START_TLS (which normally uses port 389) and LDAPS. The -ZZ
option requires START_TLS which is not supported by AD. Try using
Unless you're server certificate containes a subjectAltName extension of
type ip address, you'll also need to use the server's FQDN instead of its
See also http://www.openldap.org/faq/data/cache/185.html