[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: how to configure tls and ldap

To: Alfonsas Stonis <alfonsasstonis@gmail.com>
Subject: Re: how to configure tls and ldap
From: Philip Guenther <guenther+ldapsoft@sendmail.com>
Date: Sun, 14 Dec 2008 20:38:03 -0800
Cc: openldap-software@openldap.org
In-reply-to: <b701dd860812141939wee5abdcwf60d938c07951874@mail.gmail.com>
References: <b701dd860812102204s6ff1096ue28afdc35be758b4@mail.gmail.com> <200812121251.18101.bgmilne@staff.telkomsa.net> <b701dd860812141939wee5abdcwf60d938c07951874@mail.gmail.com>
User-agent: Alpine 1.10 (BSO 962 2008-03-14)

On Mon, 15 Dec 2008, Alfonsas Stonis wrote:
...
> Dec 15 14:28:21 axew0204 slapd[24383]: main: TLS init def ctx failed: -60

Why haven't you looked up those error numbers in the GNUtls docs?

#define GNUTLS_E_CERTIFICATE_KEY_MISMATCH -60


(If I was in your position, I would would remove OpenLDAP from the picture 
and work out a valid cert, key, and CAcert combo using just the tools 
provided by GNUtls.  I would hope the GNUtls documentation has the 
necessary examples and information to do that; lacking that, I would 
consult the help-gnutls@gnu.org mailing list.  Once that's worked out, you 
can address the OpenLDAP bits with some confidence that you're not giving 
it bad data.)


Philip Guenther

Follow-Ups:
- Re: how to configure tls and ldap
  - From: "Alfonsas Stonis" <alfonsasstonis@gmail.com>

References:
- how to configure tls and ldap
  - From: "Alfonsas Stonis" <alfonsasstonis@gmail.com>
- Re: how to configure tls and ldap
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>
- Re: how to configure tls and ldap
  - From: "Alfonsas Stonis" <alfonsasstonis@gmail.com>

Prev by Date: Re: how to configure tls and ldap
Next by Date: Sync replication and "*Password" attributes
Index(es):
- Chronological
- Thread