[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Netscape address book as an SSL LDAP Client?



Hi Dave!

Thanks for the answer. As this tip worked out well, I send it to the list, too.

<overhead>
This is kinda stupid! Netscape Communicator should definitely be marked DEPRECATED! Does anybody have information on the LDAP+TLS status in Mozilla? Unencrypted LDAP works out well, although it doesn't have the full featured front end yet. Mail adresses are looked up during entry in the mail composition window, but not in the "Adressing" dialog, neither in the address book.
</overhead>


Dave Lewney wrote:

Marian Steinbach wrote:

Hi!

Since yesterday I have OpenLDAP 2.0.11 serving both ldap:// and ldaps//.
I can do searches locally using "ldapsearch -x -ZZ ..." and I can also
search the directory using Microsoft Outlook Express, having SSL activated.

But, I can't connect to the server using the Netscape Address Book (from
Communicator 4.77 an Win32) with SSL activated. I get some Errors like
"SSL_v3: bad certificate" in the serve side and an "Unknown Error" on
the client side.

Is this a known problem with Communicator, or do I have an issue on the
server side?

The FAQ-O-Maatic talks about testing TLS with Netscape, so I guess it
should work, right?

Thanks!

Marian


Hi,

I've got Netscape Address Book working over SSL ok. You need to tell
Netscape to trust the certificate on the LDAP server. One way to do this
is to go to


https://your.ldap.server:636/   # Note it is https
                                                ^

and follow the dialogue. You should then be able to do secure lookups.
  The other way is to tell netscape to trust the CA that signed the
LDAP certificate. Can't remember how to do this but I can find out if
you want.
  Good luck.

Dave
--
Dave Lewney
Principal Systems Programmer, Computing Service
University of Sussex, Brighton BN1 9QJ. Tel: 01273 678354 Fax: 01273
271956