[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL/TLS testing




Hi,

>On Mon, Dec 12, 2011 at 4:19 PM, reyman <reyman64@gmail.com> wrote:
>With the option -ZZ i think, try this

>ldapsearch -x -LLL -ZZ -d 150

Yeah, It shows output containing ber_dump, ldap_write,ldap_read, tls_write, tls_read etc. But at the end is shows the following:

TLS certificate verification: Error, self signed certificate
TLS: can't connect: error:14090086:SSL routines:SSL3_GET_SERVER_
CERTIFICATE:certificate verify failed (self signed certificate).
ldap_start_tls: Connect error (-11)
    additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate)

Why it shows an error ? and how to resolve this?

and when I do ldapsearch with -ZZ option it gives error

$ldapsearch -x -v  -D "cn=root,dc=abc,dc=com" -w cluster -b "ou=People,dc=abc,dc=com" "uid=ldap_6" -h n0 -ZZ
ldap_initialize( ldap://n0 )
ldap_start_tls: Connect error (-11)
    additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed



>On Mon, Dec 12, 2011 at 11:21 AM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:
>>Hi,

>>  I am using openldap-2.4.19-4.x86_64 on fedora 12 machine. I have enabled openldap SSL/TLS. How do I know >>(test) that I am using SSL/TLS connections instead of normal ldap:///?

--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.




--





--

Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.