
Difference between ldaps and the port 636 ?



Hi folks,

   I use the following configuration:
     Mandrake 8.1
     OpenLDAP-2.4.14-1
     krb5-server-1.2.2-11
     krb5-workstation-1.2.2-11
     cyrus-sasl-1.5.24-7
     OpenSSL-0.9.6b-1

   And I am trying to secure my OpenLDAP with SSL/TLS. I am using the bayour Howto.

   When I type the command:
     ldapsearch -H "ldaps://<MY FQDN>" -b "" -s base -LLL supportedSASLMechanisms
   I have the following answer:
     SASL/GSSAPI authentication started
     SASL SSF: 56
     SASL installing layers
     dn:
     supportedSASLMechanisms: GSSAPI
     supportedSASLMechanisms: LOGIN
     supportedSASLMechanisms: PLAIN
   
   But after the command:
     ldapsearch -h <MY FQDN> -p 636 -b "" -s base -LLL supportedSASLMechanisms
   I have the answer:
     ldap_sasl_interactive_bind_s: Can't contact LDAP server


   It seems to me that the two commands are equivalent but the result is not
the same. So, I'm confused.

   I launched slapd as:
     slapd -u ldap -g ldap -l LOCAL1 -s 0 -h "ldap:/// ldaps://<MY FQDN>:636/"

   My slapd.conf:
     TLSCertificateFile     /etc/openldap/ldap.pem
     TLSCertificateKeyFile  /etc/openldap/ldap.pem
     TLSCACertificateFile   /etc/openldap/ldap.pem

   Any clue?

   Thanks in advance


Matthieu Turpault
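
An added illustration, not part of the original post: with the OpenLDAP client tools, `-h host -p port` only selects the host and port and still speaks plain LDAP (as `ldap://host:port` would), while the `ldaps://` scheme starts TLS before any LDAP data is sent. The Python sketch below classifies the first bytes each client would send to the `ldaps://` listener on port 636; the function names and sample bytes are constructed for this example.

```python
# Added illustration, not from the original post. Sample bytes are constructed.

def tlv(tag: int, value: bytes) -> bytes:
    """BER tag-length-value, short-form length only (enough for this sample)."""
    if len(value) >= 0x80:
        raise ValueError("long-form BER length not needed here")
    return bytes([tag, len(value)]) + value

def anonymous_bind(msg_id: int = 1) -> bytes:
    """LDAPv3 anonymous simple BindRequest (RFC 4511). A SASL bind differs in
    its body, but every LDAP message starts with the same SEQUENCE tag 0x30."""
    bind = tlv(0x60, tlv(0x02, b"\x03") + tlv(0x04, b"") + tlv(0x80, b""))
    return tlv(0x30, tlv(0x02, bytes([msg_id])) + bind)

def tls_record_header(body_len: int = 512) -> bytes:
    """Constructed TLS record header: handshake (0x16), version 3.1, length."""
    return bytes([0x16, 0x03, 0x01]) + body_len.to_bytes(2, "big")

def classify_first_bytes(data: bytes) -> str:
    """Tell a TLS handshake record from a plain LDAP message by its first bytes."""
    if len(data) >= 2 and data[0] == 0x16 and data[1] == 0x03:
        return "tls"
    if len(data) >= 2 and data[0] == 0x30:
        return "plain-ldap"
    return "unknown"

def listener_outcome(listener: str, first_bytes: bytes) -> str:
    """listener is the scheme of the slapd -h URL the client reached."""
    expected = {"ldap": "plain-ldap", "ldaps": "tls"}[listener]
    got = classify_first_bytes(first_bytes)
    return "accepted" if got == expected else f"rejected: {listener} listener got {got}"

if __name__ == "__main__":
    # Both commands from the post reach the ldaps:// listener on port 636.
    cases = [
        ('-H "ldaps://<MY FQDN>"', tls_record_header()),
        ("-h <MY FQDN> -p 636", anonymous_bind()),
    ]
    for args, first in cases:
        print(f"{args:24} {first[:5].hex():12} {listener_outcome('ldaps', first)}")
```

A plain LDAP message arriving on a TLS-on-connect listener fails the TLS handshake, and the client library reports that as a connection failure.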