Hi All, I have an openldap server set-up with SSL and optional certificate-based client authentication and I want to use ldapsearch on Win32 to use my certificate and I got the following errors:
$ ldapsearch -Z -h tmmail.sse.ie -b 'dc=tmmail,dc=sse,dc=ie' -P e:/zoltan/ldap -N zoltan -W "1234" -v '(objectClass=inetOrgPerson)' e:\apps\ldapcsdk5.08\tools\ldapsearch.exe: started Fri Sep 27 11:25:59 2002 ldap_init( tmmail.sse.ie, 389 ) ldaptool_getcertpath -- e:/zoltan/ldap ldaptool_getkeypath -- . ldaptool_getdonglefilename -- (null) ldaptool_gettokenname -- (null) ldapssl_enable_clientauth: Bad parameter to an ldap routine ldapssl_enable_clientauth: additional info: unable to find certificate SSL error -8183 (security library: improperly formatted DER-encoded message.) SSL without client authentication works correctly! I presumed that my key3.db file was not set up correctly, but I could use the cmsutil for creating a signed message without any problem with the same databases. I would appreciate any ideas... Thanks, Zoltan