I have set up Active Directory to serve requests over SSL (ldaps://). Also, I have generated the certificate files on Windows 2008 server.
(I have copied the self-signed certificate to test.cer)
I have downloaded the test.cer file to my Linux machine to use it with the OpenLDAP client.
The .cer file is present in the /etc/openldap/certs directory, and the content of the ldap.conf file is
TLS_CACERTDIR /etc/openldap/certs
However, when I issue an ldapsearch on the Active Directory I end up with the following error:
ldapsearch -x -H ldaps://192.168.1.84:636 -D CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -b CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -w Admin123
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)
My questions:
1) Is this how I use my *.cer file?
2) How do I convert it to a proper file recognized by openldap clients?
3) What am I missing? (I am very new to LDAP and Active Directory.)
4) Any useful resource or documentation to get ldaps working?
Thanks.
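The conversion and installation steps behind questions 1 and 2, as an added shell example that is not part of the original post. It assumes the openssl CLI and an OpenLDAP client linked against OpenSSL (on RHEL-family systems where /etc/openldap/certs is an NSS database, certutil manages it instead); the host name dc01.test.ldap.com and the file names are illustrative.

```shell
#!/bin/sh
# Added example, not from the original post: convert the DER .cer exported on
# Windows into PEM, install it under a subject-hash name so TLS_CACERTDIR can
# find it, and show what the certificate says. Assumes the openssl CLI exists;
# host and file names are illustrative.
set -eu

# Constructed sample input: a throwaway self-signed DER cert standing in for
# test.cer (not the real AD certificate). Usage: make_sample_cer out.cer
make_sample_cer() {
    key=$(mktemp) && pem=$(mktemp)
    openssl req -x509 -newkey rsa:2048 -nodes -keyout "$key" -out "$pem" \
        -days 1 -subj "/CN=dc01.test.ldap.com" 2>/dev/null
    openssl x509 -in "$pem" -outform DER -out "$1"
    rm -f "$key" "$pem"
}

# Convert a certificate to PEM whatever its input encoding (Windows exports
# are usually DER; OpenLDAP wants PEM). Usage: cer_to_pem in.cer out.pem
cer_to_pem() {
    if grep -q -- '-----BEGIN CERTIFICATE-----' "$1" 2>/dev/null; then
        openssl x509 -in "$1" -inform PEM -out "$2"
    else
        openssl x509 -in "$1" -inform DER -out "$2"
    fi
}

# Install a PEM CA cert into a TLS_CACERTDIR directory. The library looks CAs
# up by <subject_hash>.0, so a file merely named test.cer is never consulted.
# Usage: install_cacert cert.pem /etc/openldap/certs  (prints installed path)
install_cacert() {
    hash=$(openssl x509 -in "$1" -noout -subject_hash)
    mkdir -p "$2"
    cp "$1" "$2/$hash.0"
    printf '%s\n' "$2/$hash.0"
}

# Print subject, issuer, validity and SANs. The client matches the host in the
# ldaps:// URI against these names, so ldaps://192.168.1.84 fails unless the
# IP is in the SAN; connect by the DC's DNS name instead. Usage: show_cacert cert.pem
show_cacert() {
    openssl x509 -in "$1" -noout -subject -issuer -dates -ext subjectAltName 2>/dev/null ||
        openssl x509 -in "$1" -noout -subject -issuer -dates
}

# After installing, either setting works in ldap.conf:
#   TLS_CACERTDIR /etc/openldap/certs          (hashed directory, as in the post)
#   TLS_CACERT    /etc/openldap/certs/test.pem (single PEM file, no hashing needed)
```

Once the CA is trusted, the same ldapsearch against the DC's DNS name (not its IP) should bind; if it still fails, `ldapsearch -d 1` prints the TLS handshake error that "Can't contact LDAP server" hides.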