
Re: Can't connect LDAP server (81)



Hi,

Matthijs Mohlmann <matthijs@active2.homelinux.org> writes:

> I am setting up an LDAP server with SSL/TLS. My server starts with the
> good options to start a server on port 389 (ldap) and port 636 (ldaps).
[...]
> But when I try the following command
> ldapsearch -H ldaps:/// -I -b "" -s base -LLL supportedSASLMechanisms
>
> I got this:
> ldap_sasl_interactive_bind_s: Can't contact LDAP server (81)
>         additional info: Error in the certificate.
>
> OK, I take a step back and try the following command:
> ldapsearch -H ldap://server.active2.homelinux.org/ -x -b "" -s base -LLL
> -ZZ supportedSASLMechanisms
>
> I got the following:
> ldap_start_tls: Connect error (91)
>         additional info: Error in the certificate.
>
> I have my certificate set up with the following information:
> openssl req -new -x509 -nodes -out server.pem -keyout server.pem -days
> 365
[...]

Your certificate is not signed by a certificate authority but your
configuration shows a path to a CA file, see this howto

http://www.openldap.org/faq/index.cgi?file=185

-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de
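
The mismatch described in the reply above can be checked with `openssl` before touching the LDAP configuration. This is an added example, not part of the original message: it builds a self-signed certificate the way the quoted `openssl req` command does, plus a separate demo CA, and tests which certificate verifies against the CA file. The function names, file names and subject names are assumptions made for the demo.

```sh
#!/bin/sh
# Added example. All file and subject names are constructed for the demo.

# Print "self-signed" when subject equals issuer, otherwise "ca-issued".
cert_kind() {
    subj=$(openssl x509 -in "$1" -noout -subject | sed 's/^subject= *//')
    issr=$(openssl x509 -in "$1" -noout -issuer | sed 's/^issuer= *//')
    if [ "$subj" = "$issr" ]; then echo self-signed; else echo ca-issued; fi
}

# Return 0 only if certificate $2 verifies against CA file $1.
chains_to() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Build constructed test material in directory $1.
make_demo_pki() {
    d=$1
    # Self-signed server certificate, created as in the quoted command.
    openssl req -new -x509 -nodes -subj "/CN=ldap.example.test" \
        -out "$d/server.pem" -keyout "$d/server.key" -days 365 2>/dev/null
    # A separate CA, standing in for the CA file named in the configuration.
    openssl req -new -x509 -nodes -subj "/CN=Demo CA" \
        -out "$d/ca.pem" -keyout "$d/ca.key" -days 365 2>/dev/null
    # A server key and request, then a certificate issued by the demo CA.
    openssl req -new -nodes -subj "/CN=ldap.example.test" \
        -out "$d/signed.csr" -keyout "$d/signed.key" 2>/dev/null
    openssl x509 -req -in "$d/signed.csr" -CA "$d/ca.pem" -CAkey "$d/ca.key" \
        -CAcreateserial -out "$d/signed.pem" -days 365 2>/dev/null
}

# Demo run: report both certificates against the same CA file.
demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
for c in server.pem signed.pem; do
    if chains_to "$demo_dir/ca.pem" "$demo_dir/$c"; then
        result="verifies against ca.pem"
    else
        result="does NOT verify against ca.pem"
    fi
    echo "$c: $(cert_kind "$demo_dir/$c"), $result"
done
rm -rf "$demo_dir"
```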