[Date Prev][Date Next] [Chronological] [Thread] [Top]

OpenLDAP client TLS configuration

I'm trying to get an OpenLDAP client to use TLS to talk to (non-OpenLDAP) LDAP server. This LDAP server is properly configured for TLS (as verified by other (non-OpenLDAP) LDAP clients). I've generated the DER-format P7B file that contains the CA's trusted root certificate and copied it to my VMS system. However, whenever I try to use, say, ldapsearch with the -ZZ option and port 636, it always comes back with "Can't contact LDAP server (-1)". When I use port 389 and no TLS, it all works fine.

Any ideas? My LDAP.CONF file has TLS_CACERT and TLS_CACERTDIR entries in it, but I wouldn't swear this file is even being used.