Re: ldaps: not working, RH7.2,OpenLDAP 2.0.21
I can't believe in a full day of banging my head on this one that I didn't
ever try just "-h ldaps:///" all by itself - which works! Which of course
makes me realize that if I did
    slapd -h "ldap:/// ldaps:///"
instead of
    slapd -h ldap:/// ldaps:///
it would probably start both servers correctly. Which it of course does.
Sorry to everyone who wasted their time reading this...
Carl
On Wed, 30 Jan 2002, Carl J Meyer wrote:
> I've compiled my own OpenLDAP 2.0.21 on RedHat 7.2 with the RPM version of
> OpenSSL-0.9.6b-8. I can connect to LDAP just fine using the Start_TLS
> method (i.e. with -ZZ on the command line of ldapsearch, connecting to port
> 389), but I cannot connect to ldaps: (port 636) at all - it simply
> says "Can't contact LDAP server" and nothing shows up in the logs.
> Telnetting to port 636 shows that there is simply
> no service running there - the connection is refused.
>
> The only error I get when slapd starts up is "socket() failed errno=97
> (Address family not supported by protocol)". For a while I thought
> that was the problem, but I found in the FAQ that that error is just
> from not having IPv6 in my kernel and it shouldn't be related.
>
> I don't have a firewall running AFAIK (unless it's something funky that
> RedHat does) - no ipchains anywhere, and I compiled my own
> kernel without netfilter.
>
> The reason I need ldaps:// instead of just Start_TLS is that I need to use
> LDAP with PHP4, which as far as I can tell only supports the ldaps:// method.
> If anyone knows of a way to make PHP do Start_TLS then I can be satisfied
> without ldaps://.
>
> If it matters, here was my configure line for OpenLDAP:
>
> ./configure --prefix=/usr/local --enable-syslog --enable-cache \
> --with-cyrus-sasl --with-tls --enable-wrappers --with-ldbm
>
> I don't think TCP wrappers should be causing any problem, because connects
> work fine on port 389. I've also tried both starting slapd without the -h
> option, and starting it with "-h ldap:/// ldaps:///".
>
> Anyone have any ideas why slapd isn't accepting connections on port 636?
> TIA for any help...
>
> Carl
>
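
The quoting difference described in the reply above, as an added example that is not part of the original thread or of OpenLDAP: a small sh sketch that parses an argument list getopt-style and reports which listener URLs the -h option actually receives. The helper names parse_slapd_args and check_ldaps are hypothetical, and only -h is modelled.

```shell
#!/bin/sh
# Added illustration (not OpenLDAP code). Shows how the shell's word
# splitting decides what a getopt-style parser sees as the value of -h.

# parse_slapd_args ARGS...  (hypothetical helper)
# Sets LISTENERS to the value given to -h and STRAY to leftover arguments.
parse_slapd_args() {
    OPTIND=1
    LISTENERS=""
    STRAY=""
    while getopts ":h:" opt; do
        case "$opt" in
            h) LISTENERS="$OPTARG" ;;  # this sketch keeps the last -h value
            *) ;;                      # other options are not modelled
        esac
    done
    shift $((OPTIND - 1))
    STRAY="$*"
}

# check_ldaps ARGS...  (hypothetical helper)
# Returns 0 if an ldaps:// URL is part of the -h value, 1 otherwise.
check_ldaps() {
    parse_slapd_args "$@"
    for url in $LISTENERS; do
        case "$url" in
            ldaps://*) echo "ok: ldaps listener requested in [$LISTENERS]"
                       return 0 ;;
        esac
    done
    echo "warning: no ldaps:// URL in -h value [$LISTENERS];" \
         "leftover arguments: [$STRAY]"
    return 1
}

# Unquoted: the shell passes ldaps:/// as a separate argument, so -h
# only receives ldap:/// and no TLS listener is requested.
check_ldaps -h ldap:/// ldaps:/// || true

# Quoted: both URLs arrive as the single value of -h.
check_ldaps -h "ldap:/// ldaps:///"
```

Running the same check against the arguments in an init script before restarting slapd catches a missing ldaps:// listener without having to probe port 636.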