I am trying to get PostgreSQL to authenticate over LDAPS on another server; the PostgreSQL server is Debian 6.0.2 (Squeeze), x64, fully updated as of today.
Followed much of the info from here for my PostgreSQL setup:
I can get LDAP authentication working, but not LDAPS (/etc/postgresql/8.4/main/pg_hba.conf):
## This works but isn't encrypted:
local all all ldap ldapserver=auth.mydomain.net ldapport=389 ldaptls=0 ldapprefix="uid=" ldapsuffix=",ou=People,dc=mydomain,dc=net"
## Hoping to get this working:
# local all all ldap ldapserver=auth.mydomain.net ldapport=636 ldaptls=1 ldapprefix="uid=" ldapsuffix=",ou=People,dc=mydomain,dc=net"
The error when I try with LDAPS is:
2011-09-30 14:05:33 CDT LOG: could not start LDAP TLS session: error code -1
2011-09-30 14:05:33 CDT FATAL: LDAP authentication failed for user "username"
I can connect to that Auth server on port 636:
root@pgsql:~# telnet auth.mydomain.net 636
Connected to auth.mydomain.net.
Escape character is '^]'.
That server is authenticating over LDAPS port 636 for normal uses, but I cannot get PostgreSQL itself to do so. Can anyone assist please?
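
An added example, not part of the original post: a check over pg_hba.conf text for the two conditions visible in the rules above. It relies on `ldaptls=1` making PostgreSQL issue StartTLS on a plain LDAP connection, while port 636 conventionally expects TLS from the first byte; the function names, finding labels, the 389 default port and the `host` sample rule are assumptions of this example.

```python
import shlex

# Constructed sample: the two rules from the post plus one hypothetical host rule.
SAMPLE_HBA = '''
local all all ldap ldapserver=auth.mydomain.net ldapport=389 ldaptls=0 ldapprefix="uid=" ldapsuffix=",ou=People,dc=mydomain,dc=net"
local all all ldap ldapserver=auth.mydomain.net ldapport=636 ldaptls=1 ldapprefix="uid=" ldapsuffix=",ou=People,dc=mydomain,dc=net"
host all all 10.0.0.0/8 ldap ldapserver=auth.mydomain.net ldapport=389 ldaptls=1 ldapprefix="uid=" ldapsuffix=",ou=People,dc=mydomain,dc=net"
'''

def parse_ldap_rule(line):
    """Return the option dict of a rule whose auth method is 'ldap', else None."""
    tokens = shlex.split(line, comments=True)  # handles quoted values and '#' comments
    # The method is field 4 for 'local' rules and field 5 or 6 for 'host*' rules.
    if "ldap" not in tokens[3:6]:
        return None
    start = tokens.index("ldap", 3) + 1
    return dict(t.split("=", 1) for t in tokens[start:] if "=" in t)

def check_ldap_rule(line):
    """Return a list of findings for one rule; an empty list means nothing flagged."""
    opts = parse_ldap_rule(line)
    if opts is None:
        return []
    tls = opts.get("ldaptls", "0") == "1"    # ldaptls is off unless set to 1
    port = int(opts.get("ldapport", "389"))  # assumption: library default is 389
    if not tls:
        # The bind password crosses the network unencrypted.
        return ["cleartext-bind"]
    if port == 636:
        # StartTLS is sent as plaintext to a port that expects a TLS handshake,
        # which matches the "could not start LDAP TLS session" log line.
        return ["starttls-on-ldaps-port"]
    return []

def check_hba(text):
    """Map line number -> findings for every flagged rule in pg_hba.conf text."""
    report = {}
    for n, line in enumerate(text.splitlines(), 1):
        found = check_ldap_rule(line)
        if found:
            report[n] = found
    return report

if __name__ == "__main__":
    for n, found in check_hba(SAMPLE_HBA).items():
        print(n, ", ".join(found))
```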