[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: openldap-technical Digest, Vol 70, Issue 20
- To: "openldap-technical@OpenLDAP.org" <openldap-technical@OpenLDAP.org>
- Subject: RE: openldap-technical Digest, Vol 70, Issue 20
- From: "Sotomayor, Vicente (ITD)" <vicente.sotomayor@state.ma.us>
- Date: Thu, 26 Sep 2013 12:49:00 -0000
- Accept-language: en-US
- Acceptlanguage: en-US
- Cc: tianzy1225 <tianzy1225@thundersoft.com>
- Content-language: en-US
- In-reply-to: <mailman.1.1380196801.37949.openldap-technical@openldap.org>
- References: <mailman.1.1380196801.37949.openldap-technical@openldap.org>
- Thread-index: Ac66sAis0QbVsE4FTt6IM7+teyQy6wABZP6Q
- Thread-topic: openldap-technical Digest, Vol 70, Issue 20
>Message: 12
>Date: Thu, 26 Sep 2013 16:35:38 +0800
>From: "Tian Zhiying" <tianzy1225@thundersoft.com>
>To: openldap-technical <openldap-technical@openldap.org>
>Cc: tianzy1225 <tianzy1225@thundersoft.com>
>Subject: Other system use port 636 connect LDAP Server Error
>Message-ID: <2013092616353831259123@thundersoft.com>
>Content-Type: text/plain; charset="us-ascii"
>Hi
>In ldap server(localhost) , I execute the below command , it ok.
># ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W
>But in other linux system is not ok, below is the error info:
># ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W
>ldap_bind: Can't contact LDAP server (-1)
> additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>LDAP Server is Centos 5.8 64 OS, iptables serverice is closed state. What is the cause?
>You have any Suggestions? Thanks.
Because the telnet test worked then I would look at your client config files on that hosts in addition to seeing if the file size/permission of the cert matches the size on the other client that is working. Also try ldapsearch -x -d 1 and see what the output shows.