[Date Prev][Date Next]
Re: SSL3 alert write:fatal:unknown CA
Am Donnerstag, 26. Juni 2003 23:27 schrieben Sie:
> --On Thursday, June 26, 2003 11:00 PM +0200 Pierre Burri
> <firstname.lastname@example.org> wrote:
> > Hi Kent,
> > I looked in your excellent Document OpenLDAP_TLS_howto, also because
> > Quanah Gibson-Mount mentioned it.
> > In Chapter 7 Using TLS you give the following example:
> > ldapsearch -x -b 'dc=myserver,dc=com' -D "cn=Manager,dc=myserver,dc=com"
> > '(objectclass=*)' -H ldaps://myserver.com -W -ZZ
> > I thought TLS was working on port 389 and only SSL was using ldaps://
> > If that's true the command would be:
> Pierre, SSL and TLS are essentially the same thing. OpenLDAP does SSL+TLS
> on port 389. By specifying ldaps://, you request that it make an encrypted
> call to the OpenLDAP server, via SSL/TLS encryption.
I'm getting mixed up now...
on my test machine, with the combination -Z and -H ldaps:// I get the
following error message:
ldap_start_tls: Operation error (1)
additional info: TLS already started
-Z and -h hostname or -H ldaps://hostname without -Z doesn't produce any error
we'll continue tomorrow, I have to go to bed now
good night, Pierre
> Quanah Gibson-Mount
> Senior Systems Administrator
> ITSS/TSS/Computing Systems
> Stanford University
> GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html
Tel. +49 (0)30 757 02 517
Fax: +49 (0)30 757 02 518