[389-users] Clients can't use tls

Arpit Tolani arpittolani at gmail.com
Tue Dec 6 17:48:32 UTC 2011


2011/12/6 Ru-Benz Cáceres <ru.be.ns.4_26 at hotmail.com>

> In my server tls works fine for my clients; the problems come when I try to
> activate it on the other client machines. I imported the certificate just like I
> did on my server.
> But I have problems when I activate tls. At the beginning it works fine, but
> minutes later I check the logs and I get this:
>
> Dec  6 15:06:52 192.168.4.21 id: nss-ldap: do_open: do_start_tls failed:stat=-1
> Dec  6 15:06:52 192.168.4.21 id: nss_ldap: reconnecting to LDAP server (sleeping 64 seconds)...
> Dec  6 15:08:14 192.168.4.21 id: nss-ldap: do_open: do_start_tls failed:stat=-1
> Dec  6 15:08:32 192.168.4.21 id: nss_ldap: could not search LDAP server - Server is unavailable
>

Are you trying to connect using the same name which was used while
creating the certificate?

I mean if the certificate is created for hostname ldap.example.com, the client
should connect to the ldap.example.com host only.
If a DNS server is not configured, add that in the /etc/hosts file.

Also try tls_reqcert to allow


-- 
Thanks & Regards
Arpit Tolani
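
Added example, not part of the original message: a small check of the hostname point made in the reply, comparing the server names in a client config against the DNS names in the server certificate and flagging a relaxed `tls_reqcert`. The sample config is constructed, the `uri` and `host` directive names are assumed, and the certificate names are assumed to have been read from the certificate beforehand.

```python
import ipaddress
from urllib.parse import urlparse

# Constructed sample client config (not from the post); 192.0.2.10 is a placeholder.
SAMPLE_CONF = """\
uri ldap://192.0.2.10/ ldap://ldap.example.com/
ssl start_tls
tls_reqcert allow
"""

def parse_conf(text):
    """Return {directive: value} for non-comment lines, keys lower-cased."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if parts and not parts[0].startswith("#"):
            conf[parts[0].lower()] = parts[1] if len(parts) > 1 else ""
    return conf

def server_names(conf):
    """Hosts the client will contact, from the 'uri' and 'host' directives."""
    names = [urlparse(u).hostname for u in conf.get("uri", "").split()]
    return [n for n in names + conf.get("host", "").split() if n]

def name_matches(host, cert_name):
    """Case-insensitive DNS match; '*' may stand for the left-most label only."""
    h = host.lower().rstrip(".").split(".")
    c = cert_name.lower().rstrip(".").split(".")
    return len(h) == len(c) and c[0] in ("*", h[0]) and h[1:] == c[1:]

def audit(conf_text, cert_names):
    """Findings that explain a StartTLS failure or a weakened certificate check."""
    conf, findings = parse_conf(conf_text), []
    for host in server_names(conf):
        try:
            ipaddress.ip_address(host)
            findings.append(f"{host}: IP address, will not match a DNS name in the certificate")
        except ValueError:
            if not any(name_matches(host, n) for n in cert_names):
                findings.append(f"{host}: not among certificate names {cert_names}")
    if conf.get("tls_reqcert", "").lower() in ("never", "allow"):
        findings.append("tls_reqcert: a certificate that fails validation is still accepted")
    return findings

if __name__ == "__main__":
    for finding in audit(SAMPLE_CONF, ["ldap.example.com"]):
        print(finding)
```

A `tls_reqcert allow` finding is worth keeping visible after troubleshooting, since with that setting a name mismatch no longer stops the connection.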