
Re: Reg OpenLdap on Ubuntu



Asimananda Mohanty <asimananda.mohanty@gmail.com> writes:

> Hi Dieter,
>
> I already have the certificates and here is my ldap.conf :
>
> TLS_REQCERT demand
> TLS_CACERT /etc/ssl/certs/ca-cert.pem
>
> With these settings, it's working fine. As I already mentioned, ldapsearch
> command runs fine with "ldaps" url and also with "ldap" url WITH "-ZZ" option.
>
> I think that indicates that TLS is enabled on the server.
>
> Is there any difference in behavior when slapd uses libgnutls and when it uses
> libssl? Or do they both serve the same purpose (this was my idea till now)?
>
> Does apache expect slapd to use libssl and not libgnutls?

Apache doesn't know anything about slapd; all it does is connect
to a defined port, try to verify the certificate presented, and
establish a secured LDAP session. If Apache fails to verify the
certificate or is otherwise not able to establish a secured LDAP
session, it will not connect, unless the configuration allows an
unsecured session to be established.

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.180.1555.7770535
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
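
The client-side behaviour described in the reply, as an added configuration example that is not part of the original thread: it assumes Apache authenticates through mod_ldap and mod_authnz_ldap, and the host name, base DN, search attribute and location path are hypothetical placeholders. The CA path is the one from the quoted ldap.conf.

```apache
# Server-wide mod_ldap settings (server config context).
# CA that issued the slapd certificate; path taken from the ldap.conf quoted above.
LDAPTrustedGlobalCert CA_BASE64 /etc/ssl/certs/ca-cert.pem

# Refuse the connection when the server certificate does not verify.
# On is the default; Off accepts any certificate and should not be used.
LDAPVerifyServerCert On

# Hypothetical protected path.
<Location "/protected">
    AuthType Basic
    AuthName "LDAP login"
    AuthBasicProvider ldap

    # StartTLS on the plain LDAP port, the counterpart of "ldapsearch -ZZ".
    # ldap.example.com and dc=example,dc=com are placeholders.
    AuthLDAPURL "ldap://ldap.example.com:389/dc=example,dc=com?uid?sub" TLS

    # Alternative: LDAP over SSL, the counterpart of the "ldaps" URL.
    # AuthLDAPURL "ldaps://ldap.example.com:636/dc=example,dc=com?uid?sub"

    # Weak form to avoid: the same ldap:// URL with mode NONE, which lets
    # Apache bind and search in cleartext with no certificate check at all.
    # AuthLDAPURL "ldap://ldap.example.com:389/dc=example,dc=com?uid?sub" NONE

    Require valid-user
</Location>
```

Nothing in these directives refers to the TLS library slapd was built with; Apache only needs the presented certificate to chain to the configured CA.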