11-24-2005, 08:27 AM   #1
mesh2005
ldap does not run with SSL


I use Fedora 4, OpenLDAP 2.3.11, Heimdal Kerberos, Cyrus-SASL, OpenSSL.

I want to connect to LDAP via SSL. The problem is that when I added the following directives to slapd.conf, the ldap process didn't start:
***************************************************************************************************
TLSCertificateFile /etc/openldap/newcert.pem
TLSCertificateKeyFile /etc/openldap/newcert.pem
***************************************************************************************************
When I removed the two directives, slapd started!

I created this certificate using OpenSSL, and I placed it into /etc/openldap.

I hope you can help.
Thanks
Amir Saad
Software Engineer
 
11-25-2005, 04:06 AM   #2
prabuayyappan
Try including these two:

TLSCACertificateFile
TLSVerifyClient

Last edited by prabuayyappan; 11-25-2005 at 04:38 AM.
 
11-27-2005, 03:53 AM   #3
mesh2005
Thanks so much for your reply!

I changed the directives and now slapd started. The problem is I got the following error:
**********************************************************************
ldapsearch -H ldaps://localhost/ -b cn=BA,dc=demo,dc=mydomain,dc=org
ldap_sasl_interactive_bind_s: Can't contact LDAP server (-1)

I also tried the following (simple auth):
ldapsearch -H ldaps://localhost/ -b cn=BA,dc=demo,dc=mydomain,dc=org -x
ldap_bind: Can't contact LDAP server (-1)
**********************************************************************

I tried to connect to ldap instead of ldaps and it worked, but I need to use TLS/SSL.
I started slapd using:
slapd -u root -f /usr/local/etc/openldap/slapd.conf -h "ldap:/// ldaps:///"

In the ldap.log:
"TLS negotiation failure"

I hope you can help!
Thanks for your time!

Last edited by mesh2005; 11-27-2005 at 09:04 AM.
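
A pre-start sanity check for the slapd.conf TLS directives named in this thread, added here as an example (it is not code from any poster or from the OpenLDAP project). The function names are hypothetical; it inspects only PEM block labels and file modes, taking the TLSVerifyClient levels from slapd.conf(5), and does not validate the certificate or key cryptographically.

```python
import os
import re
import stat

# Levels slapd.conf(5) documents for TLSVerifyClient.
VERIFY_LEVELS = {"never", "allow", "try", "demand", "hard", "true"}
# PEM block label each file-valued directive is expected to contain.
NEEDS = {"tlscertificatefile": "CERTIFICATE",
         "tlscertificatekeyfile": "PRIVATE KEY",
         "tlscacertificatefile": "CERTIFICATE"}

def parse_tls(conf_text):
    """Return {lowercased directive: value} for TLS* lines (comments never match)."""
    found = {}
    for line in conf_text.splitlines():
        parts = line.split(None, 1)
        if len(parts) == 2 and parts[0].lower().startswith("tls"):
            found[parts[0].lower()] = parts[1].strip().strip('"')
    return found

def check_tls(conf_text):
    """Return a list of findings; an empty list means these checks saw no issue."""
    tls, findings = parse_tls(conf_text), []
    for name in ("tlscertificatefile", "tlscertificatekeyfile"):
        if name not in tls:
            findings.append(f"{name}: directive missing")
    for name, block in NEEDS.items():
        path = tls.get(name)
        if path is None:
            continue
        try:
            with open(path, "r", errors="replace") as fh:
                pem = fh.read()
            mode = os.stat(path).st_mode
        except OSError as exc:
            findings.append(f"{name}: cannot read {path} ({exc.strerror})")
            continue
        # Accepts "PRIVATE KEY", "RSA PRIVATE KEY", "EC PRIVATE KEY", ...
        if not re.search(rf"-----BEGIN (?:[A-Z0-9]+ )*{block}-----", pem):
            findings.append(f"{name}: no {block} block in {path}")
        # A private key readable by group/other is exposed to local users.
        if block == "PRIVATE KEY" and mode & (stat.S_IRWXG | stat.S_IRWXO):
            findings.append(f"{name}: {path} is accessible to group/other")
    level = tls.get("tlsverifyclient")
    if level is not None and level.lower() not in VERIFY_LEVELS:
        findings.append(f"tlsverifyclient: unknown level {level!r}")
    return findings
```

Pass it the contents of the same file that slapd is started with via `-f`, and run it as the user slapd runs as so the read checks reflect what the daemon can open.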
 
  

