[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL/TLS help


I'm having an issue between client/server SSL/TLS authentication. Basically, I want to use TLS, but *not* SASL. Unfortunately, everytime a client queries the server, they look for the attribute "supportedSASLMechanisms", which the server doesn't have, so it reports "No such object."

here's the log output:

[root@charles root]# /usr/local/bin/ldapsearch -d4
request 1 done
ldap_sasl_interactive_bind_s: No such object (32)

[~]{56}# /usr/local/libexec/slapd -h "ldap:/// ldaps:///" -d4
daemon_init: ldap:/// ldaps:///
bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002)
bdb_db_init: Initializing BDB database
bdb_db_open: dc=esm,dc=lanl,dc=gov
slapd starting
SRCH "" 0 0 0 0 0
filter: (objectClass=*)
attrs: supportedSASLMechanisms
send_ldap_result: err=0 matched="" text=""

What I want to know is if there's a way to use TLS w/o SASL? The certificates all negotiate fine, etc. But the client hangs up on this. Any ideas would be *greatly* appreciated. I've been trying to get this stuff to work right for ages.

Matt Riedel