I am compiling OpenLDAP 2.4.35 with OpenSSL 1.0.0a. The compilation and
building the library works fine.
However, when I am using the OpenLDAP client ldapsearch the tool fails
with these errors:
[root@xMachine openldap-2.4.35]# ./ldaplib/bin/ldapsearch -H ldaps://
192.168.1.51:10636 -d 5
Hi,
think I found the reason why changing the password didn't work and I think
it's a bug.
If the password policy overlay is used slapd needs to be restarted every time
the olcPasswordHash parameter changes.
For example change the olcPasswordHash from {SHA} to {SSHA}. Changing the
password
--On Friday, June 14, 2013 5:22 PM +0530 Ashwin Kumar
ashwinkumar...@gmail.com wrote:
I am compiling OpenLDAP 2.4.35 with OpenSSL 1.0.0a. The compilation and
building the library works fine.
However, when I am using the OpenLDAP client ldapsearch the tool fails
with these errors:
Steve Eckmann wrote:
Is there a standard way to recover a local entry when its proxied entry is
moved, that is, when a remote DN changes? It looks like the local entry and
its attribute values become inaccessible via ldapsearch. I found the orphaned
entry in the output of slapcat, but the man
Hi,
In order to for LDAP to work with TLS, does the certificate names need
to match the server name?
My admin gave me a certificate but it's called wildcard.com.cert, the
name of my server is not 'wildcard'.
usaims
This email message is intended for the use of the person to whom it
Yes
On Jun 14, 2013, at 3:06 PM, Rodney Simioni rodney.simi...@verio.net wrote:
Hi,
In order to for LDAP to work with TLS, does the certificate names need to
match the server name?
My admin gave me a certificate but it’s called wildcard.com.cert, the name of
my server is not
On 06/14/13 14:42 -0400, Rodney Simioni wrote:
Hi,
In order to for LDAP to work with TLS, does the certificate names need
to match the server name?
My admin gave me a certificate but it's called wildcard.com.cert, the
name of my server is not 'wildcard'.
Analyze the contents of the cert and
I did a 'openssl x509 -in wildcard.securesites.com.cert -text -noout'
I got 'CN=*.securesites.com'
My /etc/openldap/cacerts looks like:
TLS_CACERTDIR /etc/openldap/cacerts
TLS_CACERT /etc/openldap/cacerts/wildcard.securesites.com.cert
URI ldap://fl1-lsh99apa007.securesites.com/
BASE
On 06/14/13 15:56 -0400, Rodney Simioni wrote:
I did a 'openssl x509 -in wildcard.securesites.com.cert -text -noout'
I got 'CN=*.securesites.com'
My /etc/openldap/cacerts looks like:
TLS_CACERTDIR /etc/openldap/cacerts
TLS_CACERT /etc/openldap/cacerts/wildcard.securesites.com.cert
URI
Thanks, Howard. That was going to be my next question.
Regards,
Steve
-Original Message-
From: Howard Chu [mailto:h...@symas.com]
Sent: Friday, June 14, 2013 11:14 AM
To: Steve Eckmann; openldap-technical@openldap.org
Subject: Re: translucent overlay and orphaned local entry when remote
So you are saying remove those TLS lines from /etc/openldap/ldap.conf and put
them in the ldif file as:
olcTLSCACertificateFile: /etc/openldap/cacerts/wildcard.securesites.com.cert
olcTLSCertificateFile: /etc/openldap/cacerts/wildcard.securesites.com.csr
olcTLSCertificateKeyFile:
On 06/14/13 16:28 -0400, Rodney Simioni wrote:
So you are saying remove those TLS lines from /etc/openldap/ldap.conf and put
them in the ldif file as:
olcTLSCACertificateFile: /etc/openldap/cacerts/wildcard.securesites.com.cert
olcTLSCertificateFile:
12 matches
Mail list logo