On 20 Mar 2009, at 16:23, Helmut Schneider wrote:
LDAPSHow do I turn on debugging for Net::LDAP? Also, I'm not
familiar with the ldapserach syntax, but:
Call $ldap->debug(n) - n is a mask of debug flags described in the
docs. But as it is mainly for debugging LDAP PDUs, it isn't going to
help if you've got transport level problems.
[r...@mx1 ~]# ldapsearch -h domain.tld -Z
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
ldap_bind: Can't contact LDAP server (-1)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[r...@mx1 ~]#
This "error" also displays on hosts where Net::LDAPS runs fine so I
guess it's not related to the problem. BTW, I'm using a self signed
CA if this is relevant.
That's probably not related/relevant at this point.
A problem like this came up last year. Searching my list archives for
"IO::Socket::SSL Timeout" I think it got resolved by updating the
IO::Socket::SSL package. I don't follow that package closely to know
what might have changed...
Cheers,
Chris