[Date Prev][Date Next] [Chronological] [Thread] [Top]

SSL/TLS help

To: openldap-software@OpenLDAP.org
Subject: SSL/TLS help
From: Matthew Riedel <mriedel@lanl.gov>
Date: Fri, 21 Nov 2003 12:14:15 -0700

Hello,

I'm having an issue between client/server SSL/TLS authentication. Basically, I want to use TLS, but *not* SASL. Unfortunately, everytime a client queries the server, they look for the attribute "supportedSASLMechanisms", which the server doesn't have, so it reports "No such object."

here's the log output:

client
======
[root@charles root]# /usr/local/bin/ldapsearch -d4
request 1 done
ldap_sasl_interactive_bind_s: No such object (32)

server ====== [~]{56}# /usr/local/libexec/slapd -h "ldap:/// ldaps:///" -d4 daemon_init: ldap:/// ldaps:/// bdb_initialize: Sleepycat Software: Berkeley DB 4.1.25: (December 19, 2002) bdb_db_init: Initializing BDB database bdb_db_open: dc=esm,dc=lanl,dc=gov slapd starting connection_get(14) SRCH "" 0 0 0 0 0 filter: (objectClass=*) attrs: supportedSASLMechanisms send_ldap_result: err=0 matched="" text="" connection_get(14)

What I want to know is if there's a way to use TLS w/o SASL? The certificates all negotiate fine, etc. But the client hangs up on this. Any ideas would be *greatly* appreciated. I've been trying to get this stuff to work right for ages.

Thanks,
Matt Riedel

Follow-Ups:
- Re: SSL/TLS help
  - From: Quanah Gibson-Mount <quanah@stanford.edu>
- Re: SSL/TLS help
  - From: m.schatzl@gmx.net

Prev by Date: Re: Updating ShadowLastChange with slurpd
Next by Date: Re: failed assertion `LBER_VALID( ber )'
Index(es):
- Chronological
- Thread