On Fri, 23 Jan 2004, Miguel Baptista wrote:
Can you give more detail on the error information?
Try using -d -1 on your ldapsearch; that should give more detailed info.
I assume you have installed LDAP with SSL support (and the correct path to
the SSL libraries). Also check if your server has permission to read
the CA certs (server as root should be ok).
Best bet: try with -d -1, and that should be sufficient to find out the
reason.
Let me know if this helps,
siva
I'm using OpenLDAP v.2.1.22 and OpenSSL 0.9.7b
I start my server with this command line:
/usr/local/libexec/slapd -d9 -h "ldap:/// ldaps:///"
PORT 636
TLS_CACERT /var/myca/estagio/cacert.pem
TLS_REQCERT demand
My .ldaprc (in my user's home)
TLS_REQCERT demand
# client authentication
TLS_CERT /home/miguel/client.pem
TLS_KEY /home/miguel/client.key.pem
When I try this:
ldapsearch -x -D "cn=Manager,dc=uminho,dc=pt" '(objectclass=*)' -H ldaps://estagio -W
I got this error (in the LDAP server):
TLS trace: SSL_accept:before/accept initialization
TLS: can't accept.
connection_read(13): TLS accept error error=-1 id=4, closing
and with this:
ldapsearch -x -D "cn=Manager,dc=uminho,dc=pt" '(objectclass=*)' -H ldaps://estagio -w "secret" -ZZ
I got the same error.
I tried the testing commands from the how-to, and everything seems ok:
openssl s_client -connect myserver.com:636 ...
Can anyone help? Am I forgetting something? I've read something about the
environment variable LDAPNOINIT; is this necessary?
Best Regards