Hi Eric and John
Thanks for your input..
As mentioned in my previous mail, there is no need to specify
TLSCACertificateFile in slapd.conf unless your server will request client
certificate for authentication. Nor is there any point in trying multiple
files, you can concatenate the CA
On 28/11/10 18.51, bluethundr wrote:
Yes the hostname is in the CN of the cert file. So I agree that -h is
not the issue. :)
[r...@vircent03:~]#ldapsearch -h ldap -b dc=summitnjhome,dc=com -Z
-D cn=Manager,dc=summitnjhome,dc=com (objectclass=sudoRole) -W
Maybe I didn't make myself clear: the
Hi Eric,
Sorry I am clear on that now. I have tried the -h value that matches
the one in the cert, but I get the same result, unfortunately:
[r...@vircent03:~]#ldapsearch -h LBSD2.summitnjhome.com -b
dc=summitnjhome,dc=com -Z -D cn=Manager,dc=summitnjhome,dc=com
(objectclass=sudoRole) -W
I have also I have revised my /etc/ldap.conf on the client to read:
uri ldaps://LBSD2.summitnjhome.com/
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
pam_password crypt
I have also tried using
uri ldap://LBSD2.summitnjhome.com/
with the same results as before. thanks again.
On Sun, Nov
Hey list,
I was having a similar SSL/openLDAP problem to this last week. I had
a chance to look at this again today and it still appears to not be
working. I called godaddy and had the last cert cancelled and reissued
as I had mis-typed the name of the CN on the last one.
I am trying to setup
On 25/11/10 17.26, bluethundr wrote:
I have setup the certificate chain in my slapd.conf like so:
[r...@lbsd2:/usr/home/bluethundr]#grep -i tls
/usr/local/etc/openldap/slapd.conf## TLS options for slapd
TLSCipherSuite HIGH:MEDIUM:+SSLv2
TLSCertificateFile
Don't know if this applies, but I had to install the intermediate cert to get
the godaddy Certs to work. You can download it from the gd website.
-- John
Sent from my iPhone, so may be a bit brief.
On Nov 25, 2010, at 11:26, bluethundr bluethu...@gmail.com wrote:
Hey list,
I was having a