[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAPS: ldapsearch working, back-ldap failing?

To: Mitchell Im <sogarthm@hotmail.com>, openldap-technical@openldap.org
Subject: Re: LDAPS: ldapsearch working, back-ldap failing?
From: Michael Ströder <michael@stroeder.com>
Date: Wed, 02 Apr 2014 09:02:56 +0200
In-reply-to: <BLU406-EAS2480F80174AA63F8EAD9985D6620@phx.gbl>
References: <BLU406-EAS2480F80174AA63F8EAD9985D6620@phx.gbl>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:28.0) Gecko/20100101 Firefox/28.0 SeaMonkey/2.25

Mitchell Im wrote:
> The OpenLDAP proxy works if it
> connects to the backend LDAP server via ldap://. The OpenLDAP proxy does
> *not* work if it connects to the backend LDAP server via ldaps://, though.
> What am I missing?
> 
> This is on CentOS 6.5, packages openldap-servers-2.4.23-34.el6_5.1.x86_64,
> nss-3.15.3-6.el6_5.x86_64 (Red Hat's decision).

I vaguely remember a bug in this old version regarding TLS CA cert configuration.

Try to set the LDAPTLS_CACERT env var when starting slapd or better use a
newer release which has a fix for this.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Follow-Ups:
- RE: LDAPS: ldapsearch working, back-ldap failing?
  - From: Mitchell Im <sogarthm@hotmail.com>

References:
- LDAPS: ldapsearch working, back-ldap failing?
  - From: Mitchell Im <sogarthm@hotmail.com>

Prev by Date: Re: dhcp.schema attribute dhcpStatements value in filter
Next by Date: Volunteers for Linuxtag 2014
Index(es):
- Chronological
- Thread