[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: what's the differnce?

On Mon, 2004-07-12 at 15:24, Christian Schäfer wrote:
> hi all,
> I am new here, so: hello! :-)
> I wnated to install LABE on my gentoo box, and LABE needs the options -h 
> and -p when doing ldapsearch. but on my installation I get problems..
> # ldapsearch -D "cn=root,dc=krachstoff.dyndns,dc=org" -W
> works pretty well.
> # ldapsearch -D -h localhost -p 636 "cn=root,dc=krachstoff.dyndns,dc=org" -W
> does not.

Port 636 is used for LDAP over SSL.  In order for that to work, you will
need to have generated an SSL certificate for the LDAP server to use,
and the SSL certificate will have to have the fully qualified domain
name of the LDAP server set as it's Common Name attribute.  If you're
just communicating with the LDAP server in question via localhost, then
you shouldn't need SSL, (you can just set the -p option to use the
default LDAP port of 389) however, if you're communicating over a
network then you should definatley read 
http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html for more
information on setting up SSL/TLS.

> /christian