I have set up Active Directory to serve requests over SSL (ldaps://). Also, I have generated the certificate files on a Windows 2008 server. (I have copied the self-signed certificate to test.cer.)

I have downloaded the test.cer file to my Linux machine to use it with the OpenLDAP client. The .cer file is present in the /etc/openldap/certs directory and the content of the ldap.conf file is:

    TLS_CACERTDIR /etc/openldap/certs

However, when I issue an ldapsearch on the Active Directory I end up with the following error:

    ldapsearch -x -H ldaps://192.168.1.84:636 -D CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -b CN=Administrator,CN=Users,DC=test,DC=ldap,DC=com -w Admin123
    ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

My questions:

1) Is this how I use my *.cer file?
2) How do I convert it to a proper file recognized by OpenLDAP clients?
3) What am I missing? (Very new to LDAP and Active Directory)
4) Any useful resource or documentation to get ldaps working?

Thanks.

--
Ashwin kumar (http://ashwinkumar.me)
