
RE: TLS not working with 2.0.14



Run your ldapsearch command with debugging turned up (-d127 is what I
usually use) and look at the TLS log messages. The slapd debug messages
indicate that there is no problem detected on the server end, so it
must be the client.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Nik Clayton

> On Thu, Sep 27, 2001 at 10:58:45AM -0700, David Wright wrote:
> >
> > >     # ldapsearch -h clan -D cn=Manager,dc=example,dc=com -w secret -L -x -ZZ
> > >     ldap_start_tls: Connect error
> >
> > I ran into a similar problem and it turned out to be my cert; more recent
> > OpenLDAPs are less tolerant of nonconformant certificates. In particular,
> > the name in your cert must be exactly the correct FQDN of your server as
> > returned e.g. by nslookup; an IP address won't do.
>
> I think I've got that right.
>
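The naming rule quoted above (the cert name must be the server's FQDN, and an IP address won't do), written as a pre-flight check. This is an added example, not part of the original thread and not OpenLDAP's own code. Assumptions: the function names are hypothetical, the sample certificates are constructed in the dict shape Python's ssl.SSLSocket.getpeercert() returns, and the case-insensitive comparison and the preference for DNS subjectAltNames over the CN are choices made for the example.

```python
import ipaddress

def is_ip(value):
    """True when value parses as an IPv4 or IPv6 literal."""
    try:
        ipaddress.ip_address(value)
        return True
    except ValueError:
        return False

def cert_names(cert):
    """Names to compare: DNS subjectAltNames if present, else the subject CN."""
    sans = [v for kind, v in cert.get("subjectAltName", ()) if kind == "DNS"]
    if sans:
        return sans
    return [v for rdn in cert.get("subject", ()) for key, v in rdn
            if key == "commonName"]

def check_server_name(cert, host):
    """Return (ok, reason) for the host string the client connects to."""
    if is_ip(host):
        return False, "host is an IP address, not an FQDN"
    if "." not in host.rstrip("."):
        # Strict reading of the message: only a fully qualified name passes.
        return False, "host is a short name, not an FQDN"
    wanted = host.rstrip(".").lower()
    names = cert_names(cert)
    for name in names:
        if not is_ip(name) and name.rstrip(".").lower() == wanted:
            return True, "matches certificate name " + name
    return False, "no certificate name equals %s (cert has: %s)" % (
        wanted, ", ".join(names) or "none")

# Constructed sample certificates (not taken from the thread).
GOOD_CERT = {"subject": ((("commonName", "clan.example.com"),),)}
IP_CERT = {"subject": ((("commonName", "192.0.2.10"),),)}
SAN_CERT = {"subject": ((("commonName", "clan.example.com"),),),
            "subjectAltName": (("DNS", "ldap.example.com"),)}

if __name__ == "__main__":
    for cert, host in [(GOOD_CERT, "clan.example.com"), (GOOD_CERT, "clan"),
                       (GOOD_CERT, "192.0.2.10"), (IP_CERT, "clan.example.com"),
                       (SAN_CERT, "clan.example.com")]:
        print(host, "->", check_server_name(cert, host))
```

Run the check with the same host string that is passed to ldapsearch -h, since that is the name the client has to find in the certificate.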