Openldap server with TLS not working
Hi
I am new to OpenLDAP and have to configure an LDAP proxy in one project.
Thanks to the mailing lists I managed to set up and configure the LDAP proxy and get it working on 389.
One of the next requirements is to secure the outside connection with SSL.
So I have to configure LDAP over SSL.
I am using openldap 2.3.43-12.el5 on Redhat EL 5.5 (Tikanga)
I created the certificates with openssl 0.9.8e-12.el5_4.6 and configured the slapd.conf
part of slapd.conf
# The next three lines allow use of TLS for encrypting connections using a
# dummy test certificate which you can generate by changing to
# /etc/pki/tls/certs, running "make slapd.pem", and fixing permissions on
# slapd.pem so that the ldap user or group can read it. Your client software
# may balk at self-signed certificates, however.
TLSCACertificateFile /etc/openldap/ssl/VordelCA.crt
TLSCertificateFile /etc/openldap/ssl/VordelDevInt.crt
TLSCertificateKeyFile /etc/openldap/ssl/VordelDev.key
TLSCipherSuite HIGH:MEDUIM:!SSLv2
TLSVerifyClient never
...
######
server got up on 636
but when I try to connect I get SSL handshake error ...
when I test on the server itself ..
openssl s_client -connect 192.168.30.169:389 -showcerts -CAfile ./ssl/VordelCA.crt
CONNECTED(00000003)
710:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake failure:s23_lib.c:188:
I got this one ...
Any idea what's my problem?
regards Axel
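
Added example, not part of the original post: a small Python lint that reads the TLS directives and the s_client probe quoted above, reports TLSCipherSuite tokens missing from a partial keyword list taken from ciphers(1), and compares the probed port with the port the server was reported on. The keyword list, the function names and the ldaps_port default are assumptions of this example.

```python
import difflib
import re

# Constructed sample: the TLS directives and the s_client probe quoted in the post.
SLAPD_CONF = """\
TLSCACertificateFile /etc/openldap/ssl/VordelCA.crt
TLSCertificateFile /etc/openldap/ssl/VordelDevInt.crt
TLSCertificateKeyFile /etc/openldap/ssl/VordelDev.key
TLSCipherSuite HIGH:MEDUIM:!SSLv2
TLSVerifyClient never
"""
PROBE = "openssl s_client -connect 192.168.30.169:389 -showcerts -CAfile ./ssl/VordelCA.crt"

# Assumption: a partial list of cipher-string keywords from ciphers(1), not exhaustive.
KNOWN = {"ALL", "DEFAULT", "HIGH", "MEDIUM", "LOW", "EXPORT", "NULL", "eNULL", "aNULL",
         "SSLv2", "SSLv3", "TLSv1", "RSA", "DH", "ADH", "AES", "3DES", "DES", "RC4", "MD5", "SHA1"}

def parse_directives(conf):
    """Map each TLS* directive in slapd.conf text to its value (comments are skipped)."""
    pairs = (ln.split(None, 1) for ln in conf.splitlines() if ln.strip().startswith("TLS"))
    return {p[0]: p[1].strip() for p in pairs if len(p) == 2}

def lint_cipher_suite(spec):
    """Return (token, closest keyword) for each cipher-string token not in KNOWN."""
    findings = []
    for item in re.split(r"[:, ]+", spec):
        for part in item.lstrip("!+-").split("+"):   # 'A+B' combines two keywords
            if part and part not in KNOWN:
                close = difflib.get_close_matches(part, KNOWN, n=1)
                findings.append((part, close[0] if close else None))
    return findings

def probe_port(cmd):
    """Extract the port from an 's_client -connect host:port' command line."""
    m = re.search(r"-connect\s+\S+:(\d+)", cmd)
    return int(m.group(1)) if m else None

def review(conf=SLAPD_CONF, probe=PROBE, ldaps_port=636):
    """Collect review notes for the directives and the probe command."""
    suite = parse_directives(conf).get("TLSCipherSuite", "")
    notes = [f"TLSCipherSuite token {t!r} not recognised (closest: {s})"
             for t, s in lint_cipher_suite(suite)]
    port = probe_port(probe)
    if port != ldaps_port:
        notes.append(f"probe targets port {port}, but ldaps:// was reported on {ldaps_port}; "
                     "s_client starts the TLS handshake immediately on connect")
    return notes

if __name__ == "__main__":
    print("\n".join(review()))
```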