[Date Prev][Date Next]
LDAPS and Sun/Netscape Proxy Server
I'm trying to use an openldap server to authenticate traffic going
through a netscape proxy server -- which is now called Sun Java System
Web Proxy Server 3.6 (SP6). The idea is to use LDAPS on the front end
of the openldap server and then send the request to a backend LDAPS
server. Looking at the documentation out there for the Sun proxy
server, it seems like this should work.
With OpenLDAP, LDAP works perfectly fine, providing I allow LDAP_v2 in
I run into problems with LDAPS:
TLS: can't accept.
TLS: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol
I'm pretty sure I've compiled openldap correctly. I don't need Cyrus
SASL, only the TLS piece. I compiled openldap with these flags. I only
want to use a server cert, no client cert.
./configure --enable-debug --enable-ldap --disable-bdb
--disable-cleartext --enable-md5 --with-tls --without-cyrus-sasl
For the client:
For the server: I tried this with a self-signed certificate.
..and the lines for the certificates.
I think I have compiled openldap correctly because an ldapsearch -Z
yields the correct results.
What does SSL23_GET_CLIENT_HELLO:unknown protocol mean?
Is there a reason why an ldapsearch -Z would fail with a self-signed cert?
Has anyone tried to get LDAPS to work with the sun proxy server? (I
know this is a little bit out of the scope of the list, but I am hopeful
maybe someone has encountered this before.)
I've RTFM'd a few times and googled different keywords to try to find an
answer to these questions. Any help/suggestions/spiritual guidance
would be greatly appreciated. Thanks for reading my posting.