[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ldapadd requires confidentiality
tonni,
thanks for your answers.
however, i am using the default slapd.conf file with no security=tls or such
configured:
$ grep -v '^#' etc/openldap/slapd.conf
include /opt2/openldap/etc/openldap/schema/core.schema
pidfile /opt2/openldap/var/slapd.pid
argsfile /opt2/openldap/var/slapd.args
database bdb
suffix "dc=svt,dc=se"
rootdn "cn=Manager,dc=svt,dc=se"
rootpw {SSHA}6tG5o2m98DpLaU+BYD8qcaWG1RLtC9g7
directory /opt2/openldap/var/openldap-data
index objectClass eq
adding -Z to the ldapadd command gives
$ bin/ldapadd -x -D 'cn=manager,dc=svt,dc=se' -Z -W -f top.ldif
ldap_start_tls: Connect error (91)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
Enter LDAP Password:
ldap_bind: Can't contact LDAP server (81)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify
failed
i am stuck, this used to work.... what could possibly be wrong?
thanks for any insights
-frank
> tir, 20.01.2004 kl. 14.45 skrev "Frank Hoffsümmer":
>
> > hello, i am evaluating openldap 2.1.25 and 2.2.4 in conjunction with bdb
> > 4.2.25 on our solaris 8 machine.
> > everything compiles and installs fine, after starting slapd, i want to
> add
> > some entries to the server using
> > ldapadd (I used slappasswd to set the password in slapd.conf). Here is
> what
> > follows
> >
> >
> > bin/ldapadd -x -D 'cn=manager,dc=svt,dc=se' -W -f top.ldif
> > Enter LDAP Password:
> > ldap_bind: Confidentiality required (13)
>
> "Confidentiality required" means you've told slapd to demand TLS in
> slapd.conf: "security tls=1". So add '-Z ' onto the ldapadd command.
> Mind you, you'd better have Openssl or your Sun equivalent linked into
> your Openldap compile.
>
> --Tonni
>
> --
> mail: billy - at - billy.demon.nl
> http://www.billy.demon.nl
>
--
+++ GMX - die erste Adresse für Mail, Message, More +++
Bis 31.1.: TopMail + Digicam für nur 29 EUR http://www.gmx.net/topmail