Re: LDAP and TLS/SSL (was: Re: Afg! Client won't use LDAP)
Phil Dibowitz wrote:
Mitrana Cristian wrote:
It could be a hostname/certificate problem. If the server's cert is
tied to the FQDN then the outside clients
work as the cert is correct, but if you connect from the server
itself to "localhost" then the certificate
is no longer valid. By the way, I think the SSL/TLS could be set up
using "minssf" directive.
Good Call!! I haven't tested this, but the cert was made using the
internal 192.168 addy, and the server is using localhost to contact
itself! Thus I'd bet money that's the problem!
Also, I don't see a reference to this minssf directive... where are
you getting that?
Thanks!
1. probably would be better to make a cert tied to a FQDN and to an IP.
2. about minssf - man ldap.conf (from OpenLDAP 2.X cvs branch, but
certainly applies to 2.1.x series also).
mitu
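
The mismatch discussed in this thread, as an added example that is not part of the original messages and is not OpenLDAP's code: a simplified model of the client-side check that the name used to reach the server is covered by the certificate. The certificate dicts, the host name `ldap.example.internal` and the address `192.168.0.10` are constructed placeholders, and only subjectAltName entries are checked (no commonName fallback).

```python
import ipaddress

# Constructed samples in the dict shape returned by ssl.SSLSocket.getpeercert().
# Names and addresses are placeholders, not values from the thread.
CERT_IP_ONLY = {
    "subjectAltName": (("IP Address", "192.168.0.10"),),
}
CERT_FQDN_AND_IP = {
    "subjectAltName": (
        ("DNS", "ldap.example.internal"),
        ("IP Address", "192.168.0.10"),
    ),
}

def _dns_match(pattern, host):
    """Case-insensitive match; '*' is allowed only as the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def name_matches(cert, target):
    """True if the name the client connected to is covered by the cert's SANs."""
    sans = cert.get("subjectAltName", ())
    try:
        ip = ipaddress.ip_address(target)
    except ValueError:
        ip = None
    if ip is not None:
        # An IP target must equal an IP SAN; DNS SANs never cover an address.
        return any(k == "IP Address" and ipaddress.ip_address(v) == ip
                   for k, v in sans)
    return any(k == "DNS" and _dns_match(v, target) for k, v in sans)

def check_all(cert, targets):
    """Map each way of reaching the server to whether the cert covers it."""
    return {t: name_matches(cert, t) for t in targets}

if __name__ == "__main__":
    targets = ["localhost", "127.0.0.1", "192.168.0.10", "ldap.example.internal"]
    for label, cert in (("IP only", CERT_IP_ONLY), ("FQDN + IP", CERT_FQDN_AND_IP)):
        print(label, check_all(cert, targets))
```

Neither certificate covers `localhost` or `127.0.0.1`, so a process on the server itself has to connect using a name or address that appears in the certificate.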