[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldapadd requires confidentiality



tonni,
thanks for your answers.
however, i am using the default slapd.conf file with no security=tls or such
configured:

$ grep -v '^#' etc/openldap/slapd.conf 

include /opt2/openldap/etc/openldap/schema/core.schema
pidfile         /opt2/openldap/var/slapd.pid
argsfile        /opt2/openldap/var/slapd.args
database        bdb
suffix          "dc=svt,dc=se"
rootdn          "cn=Manager,dc=svt,dc=se"
rootpw          {SSHA}6tG5o2m98DpLaU+BYD8qcaWG1RLtC9g7
directory       /opt2/openldap/var/openldap-data
index   objectClass     eq


adding -Z to the ldapadd command gives


$ bin/ldapadd -x -D 'cn=manager,dc=svt,dc=se' -Z -W -f top.ldif

ldap_start_tls: Connect error (91)
        additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify 
failed
Enter LDAP Password: 
ldap_bind: Can't contact LDAP server (81)
        additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify 
failed


i am stuck, this used to work.... what could possibly be wrong?
thanks for any insights
-frank


> tir, 20.01.2004 kl. 14.45 skrev "Frank Hoffsümmer":
> 
> > hello, i am evaluating openldap 2.1.25 and 2.2.4 in conjunction with bdb
> > 4.2.25 on our solaris 8 machine.
> > everything compiles and installs fine, after starting slapd, i want to
> add
> > some entries to the server using 
> > ldapadd (I used slappasswd to set the password in slapd.conf). Here is
> what
> > follows
> > 
> > 
> > bin/ldapadd -x -D 'cn=manager,dc=svt,dc=se' -W -f top.ldif 
> > Enter LDAP Password: 
> > ldap_bind: Confidentiality required (13)
> 
> "Confidentiality required" means you've told slapd to demand TLS in
> slapd.conf: "security tls=1". So add '-Z ' onto the ldapadd command.
> Mind you, you'd better have Openssl or your Sun equivalent linked into
> your Openldap compile.
> 
> --Tonni
> 
> -- 
> mail: billy - at - billy.demon.nl
> http://www.billy.demon.nl
> 

-- 
+++ GMX - die erste Adresse für Mail, Message, More +++
Bis 31.1.: TopMail + Digicam für nur 29 EUR http://www.gmx.net/topmail