[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: openldap SSL/TLS problem
"Kurt D. Zeilenga" wrote:
>
> At 02:43 AM 2001-08-30, Jehan PROCACCIA wrote:
> >Here's my problem:
> >
> >$ ldapsearch -Z -H "ldaps://mci21056.int-evry.fr" -b "dc=int-evry,dc=fr"
> >"uid=procacci"
> >ldap_start_tls: Operations error
> > additional info: TLS already started
> >ldap_sasl_interactive_bind_s: Unknown authentication method
>
> You are trying to run Start TLS over ldaps://. Since you
> already started TLS by using ldaps://, issuing a Start
> TLS command is pointless. Don't use -Z and ldaps://
> together.
Truth is that I'am confused with sasl/ssl/tls !?, ldaps means tls ? an
ldapsearch without -x nor -Z defaults to tls ? Any doc on this ?
>
> Then there appears to be no usable SASL method. Likely
> you haven't completed your SASL configuration yet. Start
> with setting up the sample client/server (or use -x to
> use simple bind).
>
> Kurt
I did nothing about sasl, I thought that using ssl was a alternative to
sasl !? do I need to configure something about sasl in slapd.conf, have
a sample file ?
anyway the search works fine with ldapsearch -x, but I want to run a
secure ldap transaction ...
Thanks.
--
Jehan Procaccia
Institut National des Telecommunications| Email:
Jehan.Procaccia@int-evry.fr
MCI, Moyens Communs Informatiques | Tel : +33 (0) 160764436
9 rue Charles Fourier 91011 Evry France | Fax : +33 (0) 160764321