[Date Prev][Date Next] [Chronological] [Thread] [Top]

why LDAP and LDAPS was opened contemporary

To: openldap-technical@openldap.org
Subject: why LDAP and LDAPS was opened contemporary
From: owen nirvana <freeespeech@gmail.com>
Date: Fri, 2 Jul 2010 11:19:30 +0800
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:received:mime-version:received:from:date :message-id:subject:to:content-type; bh=hwx2iMH1i4tAh5u6t/fpNtz3CM1M6s9r2UlUnco+VPU=; b=qrrWwL6GDKKzjFVnnk05CWigjUlaYnMrbxHyR3UbE7lS0wwnY/4Yxh0obJhnjzF835 TWQa4m6W/qlivsPkBIEsPfSfECc2F/1b4PrJcQC/nWErlRT5vS6Il1Bnh9n7vwFw1/He /Bqd4kuDoyxYaZ5uuRg1QmI/rEgAmOISr9J6A=
Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:from:date:message-id:subject:to:content-type; b=S555VgL4u7RKeXPBKNmlXhLq07Lw8bGXxNIjkqc6gkiIII3Hy0cOuy8MWCIxstNdvx tc5CGoTTbIe0P6c3YJ9Yj+SQM/4+MhKcTFXBrkj3chdUtN/oWnqyqHuQ76VzIEtEy7pI ft2/8sihApBHRqlqmTzDzIzRTGoY3B7vthGVs=

I set tls options to use ldaps.

question 1:
port 389 is opened yet when I scan the LDAP Server by nmap, but I could not connect it with Apache Directory Studio v1.5.3.

question 2:
Nmap tell me "server still supports SSLv2", but I set TLSCipherSuite is HIGH:MEDIUM:-SSLv2

question 3:
I try to import some data with ldapmodify

ldapmodify -a -H ldap://mydomain.org:636 -D "cn=admin,dc=mydomain,dc=org" -x -w whatever -f init.ldif

the following is error report:

ldap_start_tls : Can't Contact LDAP Server(-1)
addition info: error: 14000092: SSL Routine: SSL3_GET_CERTFICATE: certificate verify failed

ldap_sasl_bind(Simple): Can't Contact LDAP Server(-1)

gtalk:freeespeech@gmail.com

Follow-Ups:
- Re: why LDAP and LDAPS was opened contemporary
  - From: Indexer <indexer@internode.on.net>

Prev by Date: Re: how to run LDAP Server with TLS automatic
Next by Date: Re: why LDAP and LDAPS was opened contemporary
Index(es):
- Chronological
- Thread