[Date Prev][Date Next] [Chronological] [Thread] [Top]

Setting up OpenLDAP SSL, client and server



n our University's Computer Science department, we've been using OpenLDAP to store our users' data and provide logins for our Win2k and Linux machines for about a year now. We love it. For security, we've been using hardware to prevent sensitive information leaking over the main network. Now, we'd like to move to SSL.

After reading the OpenLDAP documentation, searching the mailing list archive, and Dr. Google, I have not yet encountered a good HOWTO on setting up OpenLDAP for use over SSL. I know that it comes configured out of the box for such use and I can see that my RedHat7.3 server is indeed listening on 636, but I can't seem to connect to it via SSL with any LDAP clients, including GQ, Netscape Addressbook, and in-house LDAP apps (PHP).

Can anyone point me in the direction of a good HOWTO on setting up OpenLDAP over SSL for both server and client side? With other directory services (Novell eDirectory for example), one must export the trusted root certificate (public key) and consume that on the client side. Does such a method exist in OpenLDAP?

Thanks in advance
Dave