
Re: Couldn't start TLS



> I have installed an OpenLDAP with SSL support. Basically to use
> ldapmodify to change passwords in the Windows 2000 Active Directory.
> But when I type something like: ldapmodify -D "binddn" -W -b
> "dc=domain" -Z cn=user , the program sends me a message saying that
> "WARNING: could not start TLS".

have you created a certificate for your ldap server?  there are some good
messages in the list archives and a faq in the faq-o-matic on the openldap
site.

from what i've read it looks like you need to generate a key for a
certificate authority and then sign a second key with that and show both
to openldap.  i don't understand why yet and haven't made it work yet but
that appears to be what is required.

from the faq:
http://www.openldap.org/faq/data/cache/185.html

from the list archives (read through the entire threads)
http://www.openldap.org/lists/openldap-devel/199908/msg00039.html
http://www.openldap.org/lists/openldap-devel/200006/msg00107.html

adam.
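
The certificate steps described in the reply above, as an added example that is not part of the original post or the OpenLDAP FAQ: it builds a private CA, signs a server certificate with it, and checks the chain with openssl. The host name ldap.example.com, the CA subject and all file names are placeholders.

```shell
#!/bin/sh
# Added example: private CA plus CA-signed server certificate for slapd.
# All names and paths below are placeholders chosen for illustration.

make_ldap_certs() {
    dir=$1; host=$2
    mkdir -p "$dir" || return 1

    # 1. CA key and self-signed CA certificate. The CA certificate is the
    #    trust anchor that LDAP clients are given; the CA key stays private.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 365 \
        -subj "/CN=Example LDAP CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 1

    # 2. Server key and signing request. The CN must be the host name
    #    that clients use to reach the LDAP server.
    openssl req -new -newkey rsa:2048 -nodes -sha256 \
        -subj "/CN=$host" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1

    # 3. Sign the server request with the CA key.
    openssl x509 -req -sha256 -days 365 -set_serial 1 \
        -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -out "$dir/server.crt" 2>/dev/null || return 1

    # Private keys must not be world-readable.
    chmod 600 "$dir/ca.key" "$dir/server.key"
}

# Succeeds only if the certificate ($2) chains to the given CA ($1).
verify_ldap_cert() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# Server side, slapd.conf then points at the three files:
#   TLSCACertificateFile  /path/to/ca.crt
#   TLSCertificateFile    /path/to/server.crt
#   TLSCertificateKeyFile /path/to/server.key
# Client side, ldap.conf names the CA so that ldapmodify -Z can
# validate the server certificate:
#   TLS_CACERT /path/to/ca.crt
```

Running verify_ldap_cert against the CA file the client is configured with is a quick way to tell a trust-chain problem apart from a server that has no certificate configured at all.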