[Date Prev][Date Next] [Chronological] [Thread] [Top]

why LDAP and LDAPS was opened contemporary

I set tls options to use ldaps.

question 1:
port 389 is opened yet when I scan the LDAP Server by nmap, but I could not connect it with Apache Directory Studio v1.5.3.

question 2:
 Nmap tell me "server still supports SSLv2", but I set TLSCipherSuite is HIGH:MEDIUM:-SSLv2

question 3:
 I try to import some data with ldapmodify

ldapmodify -a -H ldap://mydomain.org:636 -D "cn=admin,dc=mydomain,dc=org" -x -w whatever -f init.ldif

the following is error report:

ldap_start_tls : Can't Contact LDAP Server(-1)
    addition info: error: 14000092: SSL Routine: SSL3_GET_CERTFICATE: certificate verify failed

ldap_sasl_bind(Simple): Can't Contact LDAP Server(-1)