
Re: TLS still can't accept....ssl handshake problem



s_server?

I'm not sure what you mean...


I can authenticate, log in, do id users fine if I don't do the ldaps:///, if I just go normal without encryption... but whenever I run slapd with the -h ldaps:/// command, then I can't log in.... if I'm logged in already, the id users still works..

I guess my question is which part, pam, nss, openldap..is the one not working here...if I can do id users, I thought I could log in as well...or are the 2 commands using different things..




On May 21, 12:23, Kurt D. Zeilenga wrote:
> At 11:09 AM 5/21/2004, Mark wrote:
> >so I tried to troubleshoot somewhat more..and I'm getting into this problem...
> >
> >slapd started with 
> >
> >/usr/depot/openldap/current/libexec/slapd -d 127 -u ldap -g ldap -h ldaps:/// -f /etc/depot/openldap/openldap/slapd.conf
> >
> >from the client end..if I do an SSL check on the certs, I get
> >
> >/usr/depot/openssl/current/bin/openssl s_client -connect needlefish.internal.foo.com:636 -showcerts -state -CAfile /etc/depot/openldap/certs/cacert.pem
> 
> >while on the server side it shows
> 
> I suggest you try s_server here first to eliminate any OpenSSL specific
> problems.  Once you have s_client talking to s_server, then it should
> be rather straightforward to translate your success (first with slapd
> and then with ldapsearch) to OpenLDAP Software.
> 
> Kurt
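
The s_server/s_client isolation step suggested in the quoted reply, as an added example that is not part of the original thread: it checks that a CA-signed server certificate verifies over a plain OpenSSL loopback connection before slapd is involved. The throwaway CA and server certificate, the `tls_loopback_check` function name and port 46360 are assumptions made for this sketch; on a real host the server certificate, key and `cacert.pem` configured for slapd would take their place.

```shell
#!/bin/sh
# Added example: prove the TLS layer works on its own (s_client <-> s_server)
# before debugging slapd, PAM or NSS. All key material is constructed test data.

tls_loopback_check() {
    port=${1:-46360}                      # arbitrary free port (assumption)
    dir=$(mktemp -d) || return 2
    (
        cd "$dir" || exit 2
        # 1. Throwaway CA, standing in for the site's cacert.pem.
        openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
            -subj "/CN=Test CA" -keyout ca.key -out ca.pem
        # 2. Server key and a certificate signed by that CA.
        openssl req -newkey rsa:2048 -nodes -subj "/CN=localhost" \
            -keyout srv.key -out srv.csr
        openssl x509 -req -in srv.csr -CA ca.pem -CAkey ca.key \
            -CAcreateserial -days 1 -out srv.pem
    ) >/dev/null 2>&1

    # 3. Plain OpenSSL server on loopback only; -www mode does not read stdin,
    #    so it keeps running in the background.
    openssl s_server -accept "127.0.0.1:$port" -www \
        -cert "$dir/srv.pem" -key "$dir/srv.key" >/dev/null 2>&1 &
    srv=$!

    # 4. Client handshake against the same CA file; retry while the server starts.
    result=fail
    for try in 1 2 3 4 5; do
        if openssl s_client -connect "127.0.0.1:$port" -CAfile "$dir/ca.pem" \
               </dev/null 2>&1 | grep -q 'Verify return code: 0 (ok)'; then
            result=ok
            break
        fi
        sleep 1
    done

    kill "$srv" 2>/dev/null || true
    wait "$srv" 2>/dev/null || true
    rm -rf "$dir"
    echo "$result"                        # "ok" when the chain verified
}
```

If this prints `ok` with the real certificate files but the same `s_client` command fails against slapd on port 636, the fault lies in slapd's TLS configuration rather than in the certificates or OpenSSL.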