
Re: Cant make my ldap work with ssl...



Eloy Calzado wrote:
Hello all,
Sorry for posting another SSL/TLS problem. I've tried and tried to solve this problem myself, but I can't find the solution...
I have OpenLDAP 2.1.26-1 on a Debian machine.
LDAP works fine in normal mode (port 389) but I can't make it work in SSL/TLS mode.
I have created the certificates following the manual
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html (this one and others before)
entering my fqdn in "common name". I have created certs many times, always getting the same results. I have configured all the files, but I always get the same errors...
slapd.conf:
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile /var/lib/ldap-data/cacert.pem
TLSCertificateFile /var/lib/ldap-data/servercrt.pem
TLSCertificateKeyFile /var/lib/ldap-data/serverkey.pem
TLSVerifyClient demand
#TLSVerifyClient never

Just a guess but try appending ":RSA" to the TLSCipherSuite line.

Dave
--
Dave Lewney
Principal Systems Programmer, IT Services
University of Sussex, Brighton BN1 9QJ. Tel: 01273 678354 Fax: 01273 271956
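
A quick way to see which TLS settings slapd will actually act on in a configuration like the one quoted above. This is an added example, not part of the original thread or of OpenLDAP: the function names are hypothetical helpers, the sample input is the set of TLS lines from the message, and single-line directives are assumed.

```sh
#!/bin/sh
# Added example: report the active TLS directives of a slapd.conf.

# Constructed sample: the TLS lines quoted in the message above.
sample_conf() {
cat <<'EOF'
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCACertificateFile /var/lib/ldap-data/cacert.pem
TLSCertificateFile /var/lib/ldap-data/servercrt.pem
TLSCertificateKeyFile /var/lib/ldap-data/serverkey.pem
TLSVerifyClient demand
#TLSVerifyClient never
EOF
}

# tls_directive FILE NAME: print the value of the uncommented directive NAME
# (the last occurrence in the file is the one reported).
tls_directive() {
    awk -v name="$2" '
        /^#/ || /^[ \t]/ { next }   # comments; continuation lines (assumed unused)
        tolower($1) == tolower(name) { $1 = ""; sub(/^[ \t]+/, ""); val = $0 }
        END { if (val != "") print val }
    ' "$1"
}

# client_cert_required FILE: succeed if TLSVerifyClient is set to a level at
# which slapd ends the session when the client offers no valid certificate.
client_cert_required() {
    case "$(tls_directive "$1" TLSVerifyClient | tr 'A-Z' 'a-z')" in
        demand|hard|true) return 0 ;;
        *) return 1 ;;
    esac
}

# unreadable_tls_files FILE: list TLS file directives whose path the current
# user cannot read (run it as the account slapd runs under).
unreadable_tls_files() {
    for d in TLSCACertificateFile TLSCertificateFile TLSCertificateKeyFile; do
        p=$(tls_directive "$1" "$d")
        if [ -n "$p" ] && [ ! -r "$p" ]; then echo "$d $p"; fi
    done
}

conf=$(mktemp); sample_conf > "$conf"
echo "cipher suite: $(tls_directive "$conf" TLSCipherSuite)"
if client_cert_required "$conf"; then echo "client certificate: required"; fi
unreadable_tls_files "$conf"
rm -f "$conf"
```
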