
Re: TLS/SSL error when authenticating



On Wed, 9 Mar 2005, Omar Al-Tabari wrote:

I'm trying to complete the LDAP setup to use TLS/SSL. It's already working without this feature, but I need it to run with TLS/SSL, and it isn't working. You can see the debugger's output below to see the exact error that occurs:

[cut]

my /etc/openldap/ldap.conf file is this:
#######################################
HOST 127.0.0.1
BASE dc=ldaptest,dc=batelco,dc=jo
TLS_CACERT /etc/openldap/cert/cacert.pem
#######################################

my client's "another Linux machine" ldap.conf file is this:
######################################
pam_password md5
port 636
host ldaptest.batelco.jo
base dc=ldaptest,dc=batelco,dc=jo
ssl on
TLS_CACERT /misc/cacert.pem
######################################

You are mixing OpenLDAP ldap.conf and pam/nss_ldap ldap.conf directives in the same file on your client. These are separate files in separate locations for separate services. Search the archives for more info about this.

man ldap.conf(5) will tell you about OpenLDAP's ldap.conf (including
its location).

If straightening that out doesn't fix you up, make 100% sure that the
CA root certificate distributed to your client is identical to the CA
root certificate that was used to sign your LDAP server certificate.

--
  Kirk Turner-Rustin       | Programmer/Analyst
  Ohio Wesleyan University | Libraries and Information Services
  http://www.owu.edu       | http://lis.owu.edu
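
The mixed-directive problem described in the reply can be checked mechanically. The following is an added example, not part of the original message: it sorts each directive in an ldap.conf file by which software reads it and flags a file that contains both kinds. The directive sets are a partial, assumed list drawn from ldap.conf(5) and the pam_ldap/nss_ldap documentation, and the function names are hypothetical.

```python
# Added example: classify ldap.conf directives by the software that reads them.
# The sets below are a partial list chosen for this thread, not a full grammar.
OPENLDAP_ONLY = {"tls_cacert", "tls_reqcert", "tls_cipher_suite"}
PAM_NSS_ONLY = {"ssl", "tls_cacertfile", "tls_checkpeer", "tls_ciphers",
                "rootbinddn", "bindpw"}
PAM_NSS_PREFIXES = ("pam_", "nss_")


def owner(directive):
    """Return 'openldap', 'pam_nss' or 'either' for one directive name."""
    name = directive.lower()  # assumption: keywords are compared without case
    if name in OPENLDAP_ONLY:
        return "openldap"
    if name in PAM_NSS_ONLY or name.startswith(PAM_NSS_PREFIXES):
        return "pam_nss"
    return "either"  # host, base, port, uri ... appear in both file formats


def classify(text):
    """Map each family to the (line number, directive) pairs found in text."""
    found = {"openldap": [], "pam_nss": [], "either": []}
    for lineno, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # skip blanks, comments and the '####' separator rows
        directive = line.split()[0]
        found[owner(directive)].append((lineno, directive))
    return found


def is_mixed(text):
    """True when one file carries directives meant for both consumers."""
    found = classify(text)
    return bool(found["openldap"]) and bool(found["pam_nss"])


# Directive lines of the two files as quoted in the post above.
SERVER_CONF = """HOST 127.0.0.1
BASE dc=ldaptest,dc=batelco,dc=jo
TLS_CACERT /etc/openldap/cert/cacert.pem
"""
CLIENT_CONF = """pam_password md5
port 636
host ldaptest.batelco.jo
base dc=ldaptest,dc=batelco,dc=jo
ssl on
TLS_CACERT /misc/cacert.pem
"""

if __name__ == "__main__":
    for label, conf in (("server", SERVER_CONF), ("client", CLIENT_CONF)):
        print(label, "mixed" if is_mixed(conf) else "consistent", classify(conf))
```

On the client file the check reports `TLS_CACERT` alongside `pam_password` and `ssl`; in the pam_ldap/nss_ldap file the CA path is given with `tls_cacertfile`, while `TLS_CACERT` belongs in OpenLDAP's own ldap.conf.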