RE: SSL client certificate question and bdb_dn2id_matched question
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org] On Behalf Of
> Tony Earnshaw
> The procedure for making a certificate signed by your own CA is:
>
> 1: Make the CA cert. This you will use for signing;
I have found this http://www.linux-mag.com/2002-03/guru_02.html and this
http://www.openldap.org/lists/openldap-software/200109/msg00745.html
They are using self-signed certificates. I have created them this way. I
also have chosen the right "cn" for the certificate. But nothing
changed. :-(
Do self-signed certificates just work on hosts they were issued for? I
will try the CA-signature tomorrow. Where does the client (ldapsearch)
expect the CA-Cert?
However thanks for your effort,
Simon
Here is some output:
nagasaki:/usr/src/linux# ldapsearch -H ldaps://soma.loge-23.ilm/ -x -b
"" -s base -d 127
ldap_create
ldap_url_parse_ext(ldaps://soma.loge-23.ilm/)
ldap_bind_s
ldap_simple_bind_s
ldap_sasl_bind_s
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection
ldap_int_open_connection
ldap_connect_to_host: soma.loge-23.ilm
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.5.101:636
ldap_connect_timeout: fd: 3 tm: -1 async: 0
ldap_ndelay_on: 3
ldap_is_sock_ready: 3
ldap_ndelay_off: 3
ldap_int_sasl_open: host=soma.loge-23.ilm
ldap_open_defconn: successful
ldap_send_server_request
ber_flush: 14 bytes to sd 3
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00
0....`........
ldap_write: want=14, written=14
0000: 30 0c 02 01 01 60 07 02 01 03 04 00 80 00
0....`........
ldap_result msgid 1
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
wait4msg (infinite timeout), msgid 1
wait4msg continue, msgid 1, all 1
** Connections:
* host: soma.loge-23.ilm port: 636 (default)
refcnt: 2 status: Connected
last used: Tue Jan 14 13:39:46 2003
** Outstanding Requests:
* msgid 1, origid 1, status InProgress
outstanding referrals 0, parent count 0
** Response Queue:
Empty
ldap_chkResponseList for msgid=1, all=1
ldap_chkResponseList returns NULL
do_ldap_select
read1msg: msgid 1, all 1
ber_get_next
ldap_read: want=1, got=0
ber_get_next failed.
ldap_perror
ldap_bind: Can't contact LDAP server