
Re: Problem connecting using TLS



Robert Fitzpatrick <robert@webtent.com> writes:

[...]
>
> TLSCACertificateFile /etc/openldap/cacert.pem
> TLSCertificateFile /etc/openldap/servercrt.pem
> TLSCertificateKeyFile /etc/openldap/serverkey.pem

> I copy the cacert.pem to my RedHat Linux 9 workstation and verify it as
> follows:

> I put 'tls_cert /home/robert/cacert.pem' in my home directory in
> .ldaprc. Trying to connect from the workstation produces the following:
>
> [robert@columbus robert]$ ldapsearch -x -Z -b
> "dc=hermes,dc=webtent,dc=org" -D
> "cn=Manager,dc=hermes,dc=webtent,dc=org" -W "(ObjectClass=*)" -h
> "hermes.webtent.org"
> ldap_start_tls: Can't contact LDAP server
> Enter LDAP Password:
> ldap_bind: Can't contact LDAP server
>
> Any ideas why I can't get connected?

You have not created any client certificates, that is, no clientcert.pem
nor a clientkey.pem, and not signed these certs.

http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html

-Dieter
-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de
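
The step the reply describes, creating a client key and certificate and signing the certificate with the CA, as an added example that is not part of the original thread. The CA is a throwaway one generated for the demonstration (constructed); the function names and the `clientreq.pem` file name are assumptions, and `TLS_CACERT`, `TLS_CERT` and `TLS_KEY` are the client options documented in ldap.conf(5).

```shell
#!/bin/sh
# Added example: issue a client certificate signed by the CA, then verify it.
# The CA generated here is a throwaway stand-in (constructed); on a real
# system, sign with the key of the CA whose certificate is cacert.pem.
set -eu

make_demo_ca() {            # $1 = directory; writes cacert.pem and cakey.pem
    openssl req -x509 -newkey rsa:2048 -nodes -days 30 \
        -subj "/CN=Demo CA (constructed)" \
        -keyout "$1/cakey.pem" -out "$1/cacert.pem" 2>/dev/null
}

make_client_cert() {        # $1 = directory holding the CA pair, $2 = client CN
    dir=$1 cn=$2
    # Private key and signing request for the client
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$cn" \
        -keyout "$dir/clientkey.pem" -out "$dir/clientreq.pem" 2>/dev/null
    chmod 600 "$dir/clientkey.pem"
    # Sign the request with the CA key
    openssl x509 -req -in "$dir/clientreq.pem" -days 30 \
        -CA "$dir/cacert.pem" -CAkey "$dir/cakey.pem" -CAcreateserial \
        -out "$dir/clientcert.pem" 2>/dev/null
}

verify_client_cert() {      # true only if the cert chains to the CA and matches the key
    dir=$1
    openssl verify -CAfile "$dir/cacert.pem" "$dir/clientcert.pem" >/dev/null 2>&1 || return 1
    cert_pub=$(openssl x509 -in "$dir/clientcert.pem" -noout -pubkey | openssl sha256)
    key_pub=$(openssl pkey -in "$dir/clientkey.pem" -pubout | openssl sha256)
    [ "$cert_pub" = "$key_pub" ]
}

write_ldaprc() {            # $1 = directory; TLS_CERT and TLS_KEY are user-only (~/.ldaprc)
    cat <<EOF
TLS_CACERT $1/cacert.pem
TLS_CERT   $1/clientcert.pem
TLS_KEY    $1/clientkey.pem
EOF
}

demo() {                    # runs the whole sequence in a scratch directory
    d=$(mktemp -d)
    make_demo_ca "$d"
    make_client_cert "$d" "robert"
    verify_client_cert "$d" && write_ldaprc "$d"
    rm -rf "$d"
}

demo
```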