Re: Other system use port 636 connect LDAP Server Error

[espeake@oreillyauto.com]

From:	"Tian Zhiying" <tianzy1225@thundersoft.com>
To:	openldap-technical <openldap-technical@openldap.org>
Cc:	tianzy1225 <tianzy1225@thundersoft.com>
Date:	09/26/2013 03:38 AM
Subject:	Other system use port 636 connect LDAP Server Error
Sent by:	openldap-technical-bounces@OpenLDAP.org



 Hi

 In ldap server(localhost) , I execute  the below command , it ok.
 # ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D
 "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W

 But in other linux system is not ok, below is the error info:
 # ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D
 "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W
 ldap_bind: Can't contact LDAP server (-1)
         additional info: error:14090086:SSL
 routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

 LDAP Server is Centos 5.8 64 OS, iptables serverice is closed state. What
 is the cause?

 You have any Suggestions?  Thanks.


 Tian Zhiying
 -- This message has been scanned for viruses and dangerous content, and is
 believed to be clean. Message id: 6C4D96009F0.A06A1
 Is there a firewall between the two systems>  That port could be blocked.
 Try doing a telnet to that IP on port 636.

 telenet 192.168.1.10 636

 Eric

This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.