What was the old URI? Did you change the port as well?
The error looks like the result of trying to use starttls on an encrypted
connection. Starttls works on port 389. You need to leave ldap and port 389
in the URL and then try to use starttls. This should work.
7 May 2013 10:52, "Aziza Lichir" <aziza.lichir(a)gmail.com> wrote:
Yes, this is my file:
/etc/ldap.conf
uri ldaps://srv-ds-38.meyclub.net:636
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
pam_password crypt
and /etc/openldap/ldap.conf:
URI ldaps://srv-ds-38.meyclub.net:636 --> I've tried with ldap and it was
the same
BASE dc=meyclub,dc=net
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow
2013/5/7 Grzegorz Dwornicki <gd1100(a)gmail.com>
> Are you using LDAPS uri with -ZZ args?
> 7 May 2013 10:18, "Aziza Lichir" <aziza.lichir(a)gmail.com> wrote:
>
>> Hey,
>>
>> I'm having problems with TLS/SSL on my client side. When I do ldapsearch
>> -ZZ it works just fine and says that SSL started, but when I try to
>> authenticate a user I keep getting this strange error:
>>
>> [07/May/2013:10:04:06 +0200] conn=95 fd=228 slot=228 SSL connection
>> [07/May/2013:10:04:06 +0200] conn=95 SSL 256-bit AES
>> [07/May/2013:10:04:06 +0200] conn=95 op=0 EXT
>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>> [07/May/2013:10:04:06 +0200] conn=95 op=0 RESULT err=1 tag=120
>> nentries=0 etime=0
>> [07/May/2013:10:04:06 +0200] conn=95 op=1 UNBIND
>> [07/May/2013:10:04:06 +0200] conn=95 op=1 fd=228 closed - U1
>>
>>
>> The platform is:
>> server : CentOS-6.3-i386
>> client: CentOS 5.3
>>
>> [root@srv-ds-38 ~]# rpm -qi 389-ds-base
>> Name : 389-ds-base Relocations: (not relocatable)
>> Version : 1.2.11.15 Vendor: CentOS
>> Release : 14.el6_4 Build Date: Tue 16 Apr 2013 12:57:55 AM CEST
>> Install Date: Fri 26 Apr 2013 04:05:26 PM CEST Build Host: c6b7.bsys.dev.centos.org
>> Group : System Environment/Daemons Source RPM: 389-ds-base-1.2.11.15-14.el6_4.src.rpm
>> Size : 4940881 License: GPLv2 with exceptions
>> Signature : RSA/SHA1, Tue 16 Apr 2013 11:32:27 AM CEST, Key ID 0946fca2c105b9de
>> Packager : CentOS BuildSystem <http://bugs.centos.org>
>> URL : http://port389.org/
>> Summary : 389 Directory Server (base)
>> Description :
>> 389 Directory Server is an LDAPv3 compliant server. The base package includes
>> the LDAP server and command line utilities for server administration.
>>
>>
>> I would appreciate some help.
>> --
>> Aziza Lichir
>>
>> --
>> 389 users mailing list
>> 389-users(a)lists.fedoraproject.org
>>
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
--
Aziza Lichir