Re: OpenLDAP + TLS
>
>
>
> I am trying to put LDAP with TLS, but I have a problem:
> ---------------------- Debug slapd ------------------------
> tls_read: want=2, got=2
> 0000: 02 30 .0
> TLS trace: SSL3 alert read:fatal:unknown CA
> TLS trace: SSL_accept:failed in SSLv3 read client certificate A
> TLS: can't accept.
> TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
> s3_pkt.c:1052
> connection_read(10): TLS accept error error=-1 id=1, closing
> connection_closing: readying conn=1 sd=10 for close
> connection_close: conn=1 sd=10
> daemon: removing 10
> -----------------------------------------------------------------
>
>
>
> I am using ldap client.
> I already read a lot of home pages in the Internet, but I don't find the
> solution.
>
> In my client ldap:
> -------- LDAP client ---------------------------------------
> ldapsearch -x -b 'dc=br' -D "cn=root,dc=com" '(objectclass=*)' -h
> localhost -W -f /etc/ldap/ldap.conf -Z
> ldap_start_tls: Connect error (91)
> additional info: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> Enter LDAP Password:
> ldap_bind: Can't contact LDAP server (81)
> additional info: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> ----------------------------------------------------------------
>
>
> Does someone know how to help me?
>
>
Create a CA and sign your certificate with it. Put the public CA
certificate on the client and configure ldap.conf where to find it.
Florian
end
- References:
- OpenLDAP + TLS
- From: Anderson Alves de Albuquerque <anderson@belem.voip.nce.ufrj.br>
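
The steps from the reply above, carried out with the openssl command line as an added example that is not part of the original thread. It also reproduces the "unknown CA" / "certificate verify failed" case by checking the server certificate against a CA that did not sign it. File names, subject names, the `localhost` host name (taken from the `-h localhost` in the question) and the `/etc/ldap/ca.crt` path are assumptions.

```shell
#!/usr/bin/env bash
# Added example: private CA -> signed slapd certificate -> client-side trust check.
# All file names, subject names and directories here are assumptions.
set -eu

make_ca() {            # $1 = work dir; writes self-signed ca.crt and ca.key
  openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
    -subj "/CN=Example LDAP CA" \
    -keyout "$1/ca.key" -out "$1/ca.crt" 2>/dev/null
}

make_server_cert() {   # $1 = work dir, $2 = host name the clients connect to
  # Key and signing request for slapd, then sign the request with the CA.
  openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1/slapd.key" -out "$1/slapd.csr" 2>/dev/null
  openssl x509 -req -in "$1/slapd.csr" -CA "$1/ca.crt" -CAkey "$1/ca.key" \
    -CAcreateserial -days 365 -out "$1/slapd.crt" 2>/dev/null
}

client_trusts() {      # $1 = CA file the client holds, $2 = server certificate
  # Same chain check the LDAP client's TLS library performs on StartTLS.
  openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

demo() {
  d=$(mktemp -d)
  mkdir "$d/good" "$d/other"
  make_ca "$d/good"
  make_server_cert "$d/good" localhost
  make_ca "$d/other"   # unrelated CA: stands in for a client lacking the right CA

  if client_trusts "$d/good/ca.crt" "$d/good/slapd.crt"; then
    echo "client has the signing CA: verify OK"
  fi
  if ! client_trusts "$d/other/ca.crt" "$d/good/slapd.crt"; then
    echo "client has a different CA: certificate verify failed"
  fi

  # Server side (slapd.conf): TLSCACertificateFile, TLSCertificateFile,
  # TLSCertificateKeyFile point at ca.crt, slapd.crt and slapd.key.
  # Client side (ldap.conf): only the public CA certificate is needed.
  echo "ldap.conf: TLS_CACERT /etc/ldap/ca.crt"
  rm -rf "$d"
}

demo
```

Only `ca.crt` is copied to clients; `ca.key` and `slapd.key` stay on the machines that generated them.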