[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldap_start_tls: Connect error (-11)

Subject: Re: ldap_start_tls: Connect error (-11)
From: Tony Earnshaw <tonni@hetnet.nl>
Date: Tue, 20 Mar 2007 08:25:20 +0100
Cc: openldap-software@openldap.org
In-reply-to: <45FF7409.50501@unlimitedmail.org>
References: <45FF7409.50501@unlimitedmail.org>
User-agent: Thunderbird 2.0b2 (X11/20070116)

JOYDEEP wrote, on 20. mar 2007 06:41:

I have self signed certificate. Now the command * ldpasearch -x -ZZ -d
255*   shows

TLS: hostname (127.0.0.1) does not match common name in certificate
(linux.kolkatainfoservices.in).
ldap_perror
ldap_start_tls: Connect error (-11)
        additional info: TLS: hostname does not match CN in peer certificate


I have checked with the *hostname* command in linux and it shows the
hostname as
linux.kolkatainfoservices.in

I am really confused here. could any one suggest any solution please ?

It's probable that you're running slapd on 127.0.0.1 (localhost), whereas it should be running on the IP address of linux.kolkatainfoservices.in exclusively. Moreover you should have linux.kolkatainfoservices.in with its IP number in /etc/hosts, so that there's no mistaking its address.

We've (almost all of us) all been through this when we were starting out with certs :)

--Tonni

--
Tony Earnshaw
Email: tonni at hetnet dot nl

References:
- ldap_start_tls: Connect error (-11)
  - From: JOYDEEP <j.bakshi@unlimitedmail.org>

Prev by Date: Re: ldap_start_tls: Connect error (-11)
Next by Date: SSL3_READ_BYTES:sslv3 alert handshake failure
Index(es):
- Chronological
- Thread