[Date Prev][Date Next] [Chronological] [Thread] [Top]

2 queries: SSL connections and an ldapsearch problem

To: <openldap-software@OpenLDAP.org>
Subject: 2 queries: SSL connections and an ldapsearch problem
From: "Matt Ross" <m.g.ross@herts.ac.uk>
Date: Thu, 21 Feb 2002 14:40:02 -0000
Importance: Normal
In-reply-to: <3C44C9D1.1050108@rentec.com>

I have installed OpenLDAP 2.0.23 with OpenSSL 0.9.6c on a Solaris 8 Sun
Ultra.

Please bear with me as I'm a beginner who finds LDAP really confusing. I
have two issues, one regarding SSL and the other regarding ldapsearch
usage.

SSL:
I can't get secure connections to the LDAP server to work at all. I
notice that users of the Netscape LDAP SDK have to add an option to the
slapd.conf telling the server where the certificates database is (i.e.
cert7.db). Am I supposed to do something similar with OpenLDAP? In the
slapd debug messages everything looks fine until I get:

SSL_accept:error in SSLv3 read client certificate A

Is this significant or should I ignore it?

LDAPSEARCH:
I have the following ldapadd statement adding a host to the database:

ldapadd -D cn=Manager,dc=mydomain,dc=com -w 'secret' -f ~/ldif -x

Where ~/ldif contains:

dn: ou=hosts,dc=mydomain,dc=com
objectclass: top
dn: cn=testhost,ou=hosts,dc=mydomain,dc=com
cn: testhost
ipHostNumber: 10.1.1.1
objectclass: ipHost

This successfully adds the item to the hosts table. However, when I try
and use ldapsearch to find it or anything else, it gives the following
output:

$ ldapsearch -x -s base "objectclass=*" "*"
version: 2

#
# filter: objectclass=*
# requesting: * 
#

# search result
search: 2
result: 0 Success

# numResponses: 1

Yet if I use '<ldaproot>/servers/slapd/tools/slapcat' it lists it as
follows:

[snip]
dn: cn=testhost,ou=hosts,dc=mydomain,dc=com
cn: testhost
ipHostNumber: 10.1.1.1
objectClass: ipHost
creatorsName: cn=Manager,dc=mydomain,dc=com
createTimestamp: 20020221140500Z
modifiersName: cn=Manager,dc=mydomain,dc=com
modifyTimestamp: 20020221140500Z
[snip]

So am I using ldapsearch incorrectly?

Thanks for reading. Let me know what further information would be
useful.

Regards,

Matt Ross

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-
                                          Software Support Officer
                   Faculty of Engineering and Information Sciences
               University of Hertfordshire, College Lane, Hatfield
                                           Hertfordshire  AL10 9AB
                                                           England
   Phone: +44 (0)1707 286297          E-Mail: m.g.ross@herts.ac.uk
   Fax:   +44 (0)1707 286298      WWW: http://www.mross.co.uk/work
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-

Follow-Ups:
- Re: 2 queries: SSL connections and an ldapsearch problem
  - From: Robert Horton <robh@informatics.bangor.ac.uk>
- Unified login with Novell eDirectory and OpenLDAP servers?
  - From: "Matt Ross" <m.g.ross@herts.ac.uk>

Prev by Date: Re: double ou
Next by Date: Re: slapd 1.2.13 stops replicating
Index(es):
- Chronological
- Thread