[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Install CA Certificate

Ah, but I'm trying to get this client to connect to Active Directory on
a Microsoft Domain controller, not OpenLdap slapd.  :)  But Aaron
Richter found my problem.

Aaron Smith                Aaron.Smith@kzoo.edu
System Administrator   (269) 337-7496
Kalamazoo College

-----Original Message-----
From: Francisco Saito [mailto:fksaito@gmail.com] 
Sent: Friday, October 13, 2006 2:04 AM
To: Aaron Richton
Cc: Aaron Smith; openldap-software@openldap.org
Subject: Re: Install CA Certificate


Can you show your slapd.conf? Your client side configuration looks ok.
But have you said to slapd where are the certs?


Francisco Saito

On 10/12/06, Aaron Richton <richton@nbcs.rutgers.edu> wrote:
> > Where do I need to put a CA certificate so that Openldap can find it
> > properly?  I have openldap version 2.3.27 that was compiled using
> > openssl support on a Solaris 10 machine.  Trying to do secure LDAP
> > transactions with ldapsearch results in
> >
> > SSL initialization failed: error -8192 (An I/O error occurred during
> > security authorization.)
> I'd try "-d -1" to see what the client is thinking, or possibly truss
> see if you and it are disagreeing as to the location of ldap.conf, and
> ldap.conf is getting opened properly) to see if the open() on the
> is working.
> With that said, I don't think I've ever seen a message like that from
> OpenLDAP ldapsearch(1). Are you sure you aren't running Solaris 10's
> /usr/bin/ldapsearch instead?