[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL External : unknown authentication method



Hello,

Francois Beretti <francois.beretti@enatel.com> writes:

> hello all
>
> I get this error :
>
> [francois@linux-integ francois]$ ldapsearch -ZZ -Y EXTERNAL
> ldap_sasl_interactive_bind_s: Unknown authentication method (86)
>         additional info: SASL(-4): no mechanism available: No worthy
> mechs found
>
> ldapsearch -Z works well, my sever and client certs are both valid,

A single -Z doesn't require a successful operation

> I got :
> TLSCertificateFile      /etc/openldap/tls/cert.pem
> TLSCertificateKeyFile   /etc/openldap/tls/cert.key
> TLSCACertificateFile    /demoCA/cacert.pem
> TLSVerifyClient         demand
> in my slapd.conf.

The TLSCertifcateKeyFile must be in .pem format

> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> TLS trace: SSL_accept:error in SSLv3 read client certificate A
> connection_get(9): got connid=0

There is an error in your client certificate

[...]

-Dieter

-- 
Dieter Kluenter  | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter@schevolution.com
http://www.schevolution.com/tour