
problem with openldap ssl client



Hello
 I have an openldap server running slapd on 636 (LDAPS). When I connect
from an ldap browser, I am able to successfully browse the database.
However, when I try to connect from a linux client machine (Ubuntu Server
8.04) I am not able to connect to the ldaps. However, regular ldap works
fine.


The /etc/ldap.conf looks like this

ssl start_tls
ssl on
tls_checkpeer tes
tls_cacertdir /etc/ldap/cacerts
tls_cacertfile /etc/ldap/cacert/cacert.pem
#server IP
uri ldaps://30.0.0.2/
pam_password md5
base dc=example,dc=com

The /etc/ldap/ldap.conf file is like this

URI     ldaps://30.0.0.2/
TLS_CACERTDIR /etc/ldap/cacerts
TLS_CACERT   /etc/ldap/cacerts/cacert.pem
HOST 30.0.0.2
BASE dc=example,dc=com

The same configuration (with appropriate changes - replacing ldaps with
ldap and so on) works fine for regular ldap. But the problem is the
ldaps.

When ldaps client is enabled and I do a getent passwd,
the /var/log/auth.log looks like this

Jul  7 23:57:46 host3 getent: nss_ldap: reconnecting to LDAP server...
Jul  7 23:57:46 host3 getent: nss_ldap: reconnecting to LDAP server (sleeping 1 seconds)...
Jul  7 23:57:47 host3 getent: nss_ldap: could not search LDAP server - Server is unavailable
Jul  7 23:58:18 host3 getent: nss_ldap: reconnecting to LDAP server...


Please suggest where I could have gone wrong. Any suggestions would be
really appreciated.

Thanks
Sambuddho
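
An added example, not part of the original message: a small Python check run over the /etc/ldap.conf lines quoted above. It flags an `ssl` directive repeated with different values, `start_tls` paired with an `ldaps://` URI, a `tls_checkpeer` value that is not a boolean, and a CA file that sits outside the configured CA directory. The function names and finding codes are hypothetical, the accepted boolean spellings are an assumption, and the CA-path comparison is only a heuristic.

```python
import posixpath

# Constructed sample: the /etc/ldap.conf lines quoted in the post above.
POSTED_CONF = """\
ssl start_tls
ssl on
tls_checkpeer tes
tls_cacertdir /etc/ldap/cacerts
tls_cacertfile /etc/ldap/cacert/cacert.pem
#server IP
uri ldaps://30.0.0.2/
pam_password md5
base dc=example,dc=com
"""

# Assumption: boolean spellings treated as valid (the documented ones are yes/no).
BOOLEANS = {"yes", "no", "on", "off", "true", "false"}


def parse(text):
    """Return {directive: [values...]}, keeping repeated directives in file order."""
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        conf.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return conf


def lint(text):
    """Return (code, message) findings for the TLS-related directives."""
    conf, out = parse(text), []
    ssl = conf.get("ssl", [])
    if len(set(ssl)) > 1:
        out.append(("ssl-conflict", f"ssl set to different values: {ssl}"))
    uris = " ".join(conf.get("uri", [])).split()
    # StartTLS upgrades a plain ldap:// session; ldaps:// is TLS from the first byte.
    if "start_tls" in ssl and any(u.startswith("ldaps://") for u in uris):
        out.append(("starttls-on-ldaps", "ssl start_tls used with an ldaps:// uri"))
    for v in conf.get("tls_checkpeer", []):
        if v.lower() not in BOOLEANS:
            out.append(("bad-checkpeer", f"tls_checkpeer value {v!r} is not a boolean"))
    for f in conf.get("tls_cacertfile", []):
        for d in conf.get("tls_cacertdir", []):
            if posixpath.dirname(f) != d.rstrip("/"):  # heuristic only
                out.append(("ca-path-mismatch", f"{f} is not inside {d}"))
    return out


if __name__ == "__main__":
    for code, msg in lint(POSTED_CONF):
        print(f"{code}: {msg}")
```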