[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS/SSL problems

Craig, why do you feel this is a TLS issue? You may want to look at the FAQ page on TLS for some help.

or the admin guide


Craig wrote:
I am running openldap 2.2.13. I am having a problem getting TLS to work. I have done numerous searches, but most web pages seem to deal with LDAP/kerberos issues. We do not run kerberos. I am only trying to prevent passwords from being sent in the clear.

I have followed the instructions on this page:


I am able to run ldapsearch with simple auth: > ldapsearch -x

but, am not able to do any of the following:
> ldapsearch
> ldapsearch -X u:myuid
> ldapsearch -X dn:uid=myuid,ou=People,dc=example,dc=com

The error is (with "-d 255"):
SASL/GSSAPI authentication started
ldap_sasl_interactive_bind_s: Local error (-2)
additional info: SASL(-1): generic failure: GSSAPI Error: Miscellaneous failure (No credentials cache found)

It looks like the server is running fine. But, the logs don't really indicate what the problem is. (It seems to be more of a client issue, but still the server should give some hint in the logs.)

If you need more debugging info, just let me know.

Any help would be greatly appreciated.