LinuxQuestions.org
Help answer threads with 0 replies.
Home Forums Tutorials Articles Register
Go Back   LinuxQuestions.org > Forums > Linux Forums > Linux - Server
Reload this Page Ldap ssl on Debian Squeeze
User Name
Password
Linux - Server This forum is for the discussion of Linux Software used in a server related context.

Notices


Reply
  Search this Thread
Old 11-08-2011, 11:05 AM   #1
Pex
LQ Newbie
 
Registered: Oct 2011
Posts: 3

Rep: Reputation: Disabled
Ldap ssl on Debian Squeeze

Hi,
I'm trying to configure openldap server and client with ssl authentication on Debian Squeeze distribution.

On the server (tmpldap.myservers.com) I installed openldap with ssl enabled, certification authority and certificates.
/etc/sladp.conf file

TLSVerifyClient try
TLSCipherSuite normal
TLSCACertificateFile /etc/ldap/certs/cacert.pem
TLSCertificateKeyFile /etc/ldap/certs/tmpldap.myservers.com.key
TLSCertificateFile /etc/ldap/certs/tmpldap.myservers.com.crt



On the client (tmpsamba.myservers.com) I installed libnss-ldapd and libpam-ldapd packages as indicated in various howto of Debian Squeeze.

/etc/nslcd.conf file

# SSL options
ssl on
tls_reqcert try
tls_cacertfile /etc/smbldap-tools/certs/cacert.pem
tls_cert /etc/smbldap-tools/certs/tmpsamba.myservers.com.crt

/etc/ldap/ldap.conf file

TLS_REQCERT try
TLS_CACERT /etc/smbldap-tools/certs/cacert.pem



The following command returns "Verify return code: 0 (ok)", so the certificate it's ok.
openssl s_client-connect tmpldap.myservers.com: 636-showcerts-state-CAFile/etc/smbldap-tools/certs/cacert.pem

On the client can use ldapsearch -x and all smbtools (also configured with SSL authentication).

I started nslcd -d.
launching "getent passwd", the result is the following:

nslcd: [8b4567] failed to bind to LDAP server ldaps: / / tmpldap.myservers.com: Can not contact LDAP server: Permission denied
nslcd: [8b4567] DEBUG: ldap_unbind ()
nslcd: [8b4567] No LDAP servers found available

ldapsearch works correctly, even smbldap-tools. The certificates are correct! What is wrong?

Nslcd why can not connect?

Thank you!
Last edited by Pex; 11-08-2011 at 11:08 AM.
 
  


Reply



Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts
BB code is On
Smilies are On
[IMG] code is Off
HTML code is Off


Similar Threads
Thread Thread Starter Forum Replies Last Post
LXer: How To Set Up SSL Vhosts Under Nginx + SNI Support (Ubuntu 11.04/Debian Squeeze) LXer Syndicated Linux News 0 09-13-2011 05:50 PM
LXer: Debian Squeeze, Squid, Kerberos/LDAP Authentication, Active Directory Integration And Cyfin Re LXer Syndicated Linux News 0 06-17-2011 10:12 PM
LXer: How To Set Up MySQL Database Replication With SSL Encryption On Debian Squeeze LXer Syndicated Linux News 0 06-08-2011 05:20 AM
LXer: Easy RoundCube (Over SSL) And Webmin With fail2ban For ISPConfig 3 On Debian Squeeze LXer Syndicated Linux News 0 03-04-2011 09:00 AM
Could someone write an easy LDAP with NFS Client howto, for squeeze debian? frenchn00b Debian 2 10-26-2009 12:59 AM

LinuxQuestions.org > Forums > Linux Forums > Linux - Server

All times are GMT -5. The time now is 07:34 AM.

Contact Us - Advertising Info - Rules - Privacy - LQ Merchandise - Donations - Contributing Member - LQ Sitemap -
Main Menu
Advertisement
My LQ
Write for LQ
LinuxQuestions.org is looking for people interested in writing Editorials, Articles, Reviews, and more. If you'd like to contribute content, let us know.
Main Menu
Syndicate
RSS1  Latest Threads
RSS1  LQ News
Twitter: @linuxquestions
Open Source Consulting | Domain Registration