[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
RE: openldap - SSL/TLS - authentification unix
- To: <openldap-software@OpenLDAP.org>
- Subject: RE: openldap - SSL/TLS - authentification unix
- From: Dieter Kluenter <dieter@dkluenter.de>
- Date: Thu, 14 Aug 2003 15:22:36 +0200
- In-reply-to: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoTMCUkUVIU+EN1lpRTz5FcKAAAAQAAAAemQ8btDGR0uW+89yk/QDBAEAAAAA@e-qual.fr> (Broussard Philippe's message of "Thu, 14 Aug 2003 14:20:11 +0200")
- References: <!~!UENERkVCMDkAAQACAAAAAAAAAAAAAAAAABgAAAAAAAAAoTMCUkUVIU+EN1lpRTz5FcKAAAAQAAAAemQ8btDGR0uW+89yk/QDBAEAAAAA@e-qual.fr>
- User-agent: Gnus/5.1001 (Gnus v5.10.1) XEmacs/21.4 (Portable Code, linux)
Hi,
"Broussard Philippe" <philippe.broussard@e-qual.fr> writes:
> Thanks for the answer but I don't understand what you mean by : the DN
> ???
[...]
> Hi,
>
> "Broussard Philippe" <philippe.broussard@e-qual.fr> writes:
>
>> Hi,
>>
>>
>>
>> I want authenticate my users when they are loging on a station linux
>> I use pam_ldap and nss_ldap (the tarball not the package), openldap
>> 2.1.17, openssl 0.9.7 and debian 3.0
>>
>> I start the server ldap with :
>> slapd -h "ldap://127.0.0.1:389 ldaps://127.0.0.1:636"
>>
>> In the file : var/log/auth.log, I have this lines
>>
>> Aug 14 10:56:43 squid login[7986]: pam_ldap:
>> ldap_set_option(LDAP_OPT_X_TLS_REQUIRE_CERT): Unknown error
>> Aug 14 10:56:43 squid login[7986]: pam_ldap: _set_ssl_default_options
>> failed
>> Aug 14 10:56:43 squid login[7986]: pam_ldap: ldap_simple_bind Can't
>> contact LDAP server
>
> With what DN did you create your server certificate?
You are trying to establish TLS session and the certificate can't be
read. That is mostly because of a wrong server DN in the certificate.
-Dieter
--
Dieter Kluenter | Systemberatung
Tel:040.64861967 | Fax: 040.64891521
mailto: dkluenter(at)dkluenter.de
http://www.avci.de