Hi Espeake

Thanks for your quick reply. 
There is no firewall between the two systems.
Telnet 192.168.0.10 is ok, as follows:
--------------------------------------------
# telnet 192.168.0.10 636
Trying 192.168.0.10...
Connected to localhost (192.168.0.10).
Escape character is '^]'.
quit
Connection closed by foreign host.

Actually, the LDAP server is used by other systems, including 
mediawiki/redmine/gerrit...; now these systems are unable to use LDAPS 
certification. So, I use the ldapsearch method to test it.



Tian Zhiying

From: espeake
Date: 2013-09-26 18:42
To: tianzy1225
CC: openldap-technical; openldap-technical-bounces
Subject: Re: Other system use port 636 connect LDAP Server Error




From: "Tian Zhiying" <tianzy1...@thundersoft.com>
To: openldap-technical <openldap-technical@openldap.org>
Cc: tianzy1225 <tianzy1...@thundersoft.com>
Date: 09/26/2013 03:38 AM
Subject: Other system use port 636 connect LDAP Server Error
Sent by: openldap-technical-boun...@openldap.org



 Hi

 On the LDAP server (localhost), I execute the command below and it is OK.
 # ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D
 "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W

 But on another Linux system it is not OK; below is the error info:
 # ldapsearch -x -b 'ou=people,dc=mydomain,dc=com' -D
 "cn=interface,dc=mydomain,dc=com" -H ldaps://192.168.1.10 -W
 ldap_bind: Can't contact LDAP server (-1)
         additional info: error:14090086:SSL
 routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

 The LDAP server is CentOS 5.8 64 OS, and the iptables service is in the closed
 state. What is the cause?

 Do you have any suggestions?  Thanks.


 Tian Zhiying
 Is there a firewall between the two systems?  That port could be blocked.
 Try doing a telnet to that IP on port 636.

 telnet 192.168.1.10 636

 Eric
