Re: backend-meta usage

On 1/24/07, Aaron Richton <richton@nbcs.rutgers.edu > wrote:

OK, a couple long shots (I don't really believe these, but they should be
quick to try and since you're not working anyway they shouldn't hurt)...

Do TLSCACertificateFile and/or TLSCACertificatePath match TLS_CACERT
and/or TLS_CACERTDIR? Can you make them that way?

Can you verify somehow that the ldap.conf you expect to be read is indeed
being read? That there's no ~/.ldaprc in the way?

"TLS_REQCERT never" should set the library to its most liberal; it's
somewhat surprising that it's still complaining about CA in that case.

On Wed, 24 Jan 2007, Stephen Agar wrote:

> I appreciate everyone's advice, I have verified that as the same uid "user
> ldap", i CAN connect to the external LDAP server via "ldapwhoami over
> ldaps://" but when connecting to localhost and attempting to use the "meta"
> definition, it doesn't work.
>
> I don't have a copy of the cacert on the external server, i just have a self
> signed setup on my own openldap box. Do I need to get a copy of their
> cacert.pem and configure that in my ldap.conf ?
>
> I haven't had a chance to look at the strace/truss output yet, but will post
> when I do.
>
> --stephen

References:

backend-meta usage
- From: "Stephen Agar" <seagar@gmail.com>
Re: backend-meta usage
- From: Aaron Richton <richton@nbcs.rutgers.edu>
Re: backend-meta usage
- From: "Stephen Agar" <seagar@gmail.com>
Re: backend-meta usage
- From: "Stephen Agar" <seagar@gmail.com>
Re: backend-meta usage
- From: Aaron Richton <richton@nbcs.rutgers.edu>
Re: backend-meta usage
- From: "Stephen Agar" <seagar@gmail.com>
Re: backend-meta usage
- From: Alex Samad <alex@samad.com.au>
Re: backend-meta usage
- From: "Stephen Agar" <seagar@gmail.com>
Re: backend-meta usage
- From: Aaron Richton <richton@nbcs.rutgers.edu>