SSL + openldap
Hi,
I use pam_ldap (tarball) for Unix authentication and SSL for secure
transfer.
Here are my slapd.conf, ldap.conf and my log (auth.log).
Do you have any idea why it doesn't work?
Thanks
Philippe
PS: the LDAP server log gave nothing, and I start slapd with this command
line:
slapd -d 256 -h "ldap://127.0.0.1:389/ ldaps://127.0.0.1:636/"
SLAPD.CONF
**********
#TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile /opt/certificate/serveur_certificat/server.crt
TLSCertificateKeyFile /opt/certificate/serveur_key/server.key
TLSCACertificateFile /opt/certificate/autorite_certificat_signed/ca.crt
TLSVerifyClient demand
LDAP.CONF
*********
host XXX.XXX.XXX.XXX
base dc=XXXX,dc=XXXXX
uri ldap://127.0.0.1/
uri ldaps://127.0.0.1/
#uri ldapi://%2fvar%2frun%2fldapi_sock/
#ldap_version 3
binddn cn=Root,dc=XXXXXX,dc=XXX
bindpw XXXXX
#rootbinddn cn=manager,dc=padl,dc=com
port 636
scope sub
#scope one
#scope base
#timelimit 30
#bind_timelimit 30
#idle_timelimit 3600
AUTH.LOG
********
Aug 18 10:51:47 squid login[407]: pam_ldap: ldap_set_option(LDAP_OPT_X_TLS_REQUIRE_CERT): Unknown error
Aug 18 10:51:47 squid login[407]: pam_ldap: _set_ssl_default_options failed
Aug 18 10:51:47 squid login[407]: pam_ldap: ldap_simple_bind Can't contact LDAP server
Aug 18 10:51:49 squid login[407]: pam_ldap: ldap_simple_bind Can't contact LDAP server