
Re: OpenLDAP + TLS



>  
>  
>  
>  I am trying to set up LDAP with TLS, but I have a problem: 
> ---------------------- Debug slapd ------------------------ 
> tls_read: want=2, got=2 
>   0000:  02 30                                              .0 
> TLS trace: SSL3 alert read:fatal:unknown CA 
> TLS trace: SSL_accept:failed in SSLv3 read client certificate A 
> TLS: can't accept. 
> TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052 
> connection_read(10): TLS accept error error=-1 id=1, closing 
> connection_closing: readying conn=1 sd=10 for close 
> connection_close: conn=1 sd=10 
> daemon: removing 10 
> ----------------------------------------------------------------- 
>  
>  
>  
>  I am using ldap client. 
>  I already read a lot of home pages on the Internet, but I can't find the 
> solution. 
>  
>  In my client ldap: 
> -------- LDAP client --------------------------------------- 
> ldapsearch -x -b 'dc=br' -D "cn=root,dc=com" '(objectclass=*)' -h localhost -W -f /etc/ldap/ldap.conf -Z 
> ldap_start_tls: Connect error (91) 
>         additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 
> Enter LDAP Password: 
> ldap_bind: Can't contact LDAP server (81) 
>         additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 
> ---------------------------------------------------------------- 
>  
>  
>  Does someone know how to help me? 
>  
>  
Create a CA and sign your certificate with it. Put the public CA 
certificate on the client and configure ldap.conf where to find it. 
 
Florian 
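
The steps from the reply above, as an added example that is not part of the original message: it builds a private CA, signs a server certificate with it, checks the chain, and writes the client-side `ldap.conf` lines. File names, the output directory, the CA name, key size and validity are assumptions; the server name `localhost` matches the `-h localhost` in the quoted command.

```shell
#!/bin/sh
# Added example: private CA -> signed slapd certificate -> client trust setting.
# Every file name and subject below is an assumption made for this demonstration.
make_ldap_pki() {   # $1 = output directory
    dir=$1; mkdir -p "$dir" || return 1
    cat > "$dir/pki.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example LDAP Test CA
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[server]
basicConstraints = CA:FALSE
subjectAltName = DNS:localhost
EOF
    # 1. Self-signed CA certificate (the "public CA certificate" the client needs).
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 -config "$dir/pki.cnf" \
        -keyout "$dir/ca.key" -out "$dir/ca.crt" 2>/dev/null || return 1
    # 2. Server key and signing request; the name must be the host clients connect to.
    openssl req -new -newkey rsa:2048 -nodes -config "$dir/pki.cnf" -subj "/CN=localhost" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
    # 3. Sign the request with the CA instead of self-signing the server certificate.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.crt" -CAkey "$dir/ca.key" \
        -CAcreateserial -days 365 -extfile "$dir/pki.cnf" -extensions server \
        -out "$dir/server.crt" 2>/dev/null || return 1
    chmod 600 "$dir/ca.key" "$dir/server.key"
    # 4. Client side: tell ldap.conf where the CA certificate is and require a valid chain.
    printf 'TLS_CACERT %s/ca.crt\nTLS_REQCERT demand\n' "$dir" > "$dir/ldap.conf"
}

# Succeeds only if certificate $2 chains to the trusted CA file $1, which is the
# check that failed on the client with "certificate verify failed".
chain_ok() { openssl verify -CAfile "$1" "$2" >/dev/null 2>&1; }

# On the server, slapd.conf would reference the results through TLSCACertificateFile,
# TLSCertificateFile (server.crt) and TLSCertificateKeyFile (server.key).
out=$(mktemp -d) && make_ldap_pki "$out" && chain_ok "$out/ca.crt" "$out/server.crt" \
    && echo "chain verifies; client settings written to $out/ldap.conf"
```

Only `ca.crt` is copied to clients; `ca.key` and `server.key` stay private.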