[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ssl and openldap

To: openldap-software@OpenLDAP.org
Subject: Re: ssl and openldap
From: Xavier Renard <xavier.renard@ulg.ac.be>
Date: Mon, 10 Jan 2005 17:46:16 +0100
In-reply-to: <77c28e7405011007306fe0086f@mail.gmail.com>
References: <A04B6AE6ED3BD742B64D5B17093F64E29130A9@IMSSGPX01.ims.mhm.mhc> <77c28e7405011007306fe0086f@mail.gmail.com>
User-agent: Mozilla Thunderbird 0.7.3 (X11/20040830)

Hi Gustavo,

just a guess,you have this error

routines:ASN1_verify:unknown message digest algorithm

So, i would have a look at your message digest which appear to be md4:

from your certificate (which  would have been nice to have  in plain text):md4WithRSAEncryption
from your openssl.cnf:default_md              = md4

if you look at the man of ca, you found this:

-md alg
          the message digest to use. Possible values include
          md5, sha1 and mdc2.  This option also applies to CRLs.


Yu should also check if md4 is available on your machine
openssl list-message-digest-commands

Xavier


Gustavo Rios wrote:

Here you have it:

etosha$ uname -a
OpenBSD etosha.fesv.br 3.6 GENERIC#0 i386
etosha$

According to config.status
# ./configure  --prefix=/asd --enable-local --enable-ipv6
--with-cyrus-sasl --with-tls --e
nable-slapd --disable-cleartext --enable-bdb --disable-ldbm --enable-slurpd

$ ls -l
drwxr-xr-x  10 grios  ord      1024 Dec 22 09:31 openldap-2.2.17
-rw-r--r--   1 grios  ord   2569153 Dec 10 14:50 openldap-stable-20040923.tgz

Gary, thank you very much for your time and patience.

Kind regards.

Follow-Ups:
- Re: ssl and openldap
  - From: Gustavo Rios <vieira.rios@gmail.com>

References:
- RE: ssl and openldap
  - From: "Tay, Gary" <Gary_Tay@platts.com>
- Re: ssl and openldap
  - From: Gustavo Rios <vieira.rios@gmail.com>

Prev by Date: Re: subordinate config error [auf Viren überprüft]
Next by Date: Re: ldapsearch supportedSASLMechanisms : ANONYMOUS is missing
Index(es):
- Chronological
- Thread