[389-users] TLS failure
Aziza Lichir
aziza.lichir at gmail.com
Tue May 7 08:52:39 UTC 2013
yes this is my file :
/etc/ldap.conf
uri ldaps://srv-ds-38.meyclub.net:636
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
pam_password crypt
and /etc/openldap/ldap.conf:
URI ldaps://srv-ds-38.meyclub.net:636 --> i've tried with ldap and it was
the same
BASE dc=meyclub,dc=net
TLS_CACERTDIR /etc/openldap/cacerts
TLS_REQCERT allow
2013/5/7 Grzegorz Dwornicki <gd1100 at gmail.com>
> Are you using LDAPS uri with -ZZ args?
> 7 maj 2013 10:18, "Aziza Lichir" <aziza.lichir at gmail.com> napisaĆ(a):
>
>> Hey,
>>
>> I'm having problems with TLS/SSL on my client side. When I do ldapsearch
>> -ZZ it works just fine and says that SSL started but when i try to
>> authenticate a user I keep getting this strange error:
>>
>> [07/May/2013:10:04:06 +0200] conn=95 fd=228 slot=228 SSL connection
>> [07/May/2013:10:04:06 +0200] conn=95 SSL 256-bit AES
>> [07/May/2013:10:04:06 +0200] conn=95 op=0 EXT
>> oid="1.3.6.1.4.1.1466.20037" name="startTLS"
>> [07/May/2013:10:04:06 +0200] conn=95 op=0 RESULT err=1 tag=120 nentries=0
>> etime=0
>> [07/May/2013:10:04:06 +0200] conn=95 op=1 UNBIND
>> [07/May/2013:10:04:06 +0200] conn=95 op=1 fd=228 closed - U1
>>
>>
>> the plate form is :
>> server : CentOS-6.3-i386
>> client: CentOS 5.3
>>
>> [root at srv-ds-38 ~]# rpm -qi 389-ds-base
>> Name : 389-ds-base Relocations: (not relocatable)
>> Version : 1.2.11.15 Vendor: CentOS
>> Release : 14.el6_4 Build Date: Tue 16 Apr 2013
>> 12:57:55 AM CEST
>> Install Date: Fri 26 Apr 2013 04:05:26 PM CEST Build Host:
>> c6b7.bsys.dev.centos.org
>> Group : System Environment/Daemons Source RPM:
>> 389-ds-base-1.2.11.15-14.el6_4.src.rpm
>> Size : 4940881 License: GPLv2 with
>> exceptions
>> Signature : RSA/SHA1, Tue 16 Apr 2013 11:32:27 AM CEST, Key ID
>> 0946fca2c105b9de
>> Packager : CentOS BuildSystem <http://bugs.centos.org>
>> URL : http://port389.org/
>> Summary : 389 Directory Server (base)
>> Description :
>> 389 Directory Server is an LDAPv3 compliant server. The base package
>> includes
>> the LDAP server and command line utilities for server administration.
>>
>>
>> I would appreciate some help.
>> --
>>
>>
>> *
>>
>>
>>
>> ___________________________________________________________*
>> *Aziza Lichir*
>> *
>> *
>>
>> --
>> 389 users mailing list
>> 389-users at lists.fedoraproject.org
>> https://admin.fedoraproject.org/mailman/listinfo/389-users
>>
>
> --
> 389 users mailing list
> 389-users at lists.fedoraproject.org
> https://admin.fedoraproject.org/mailman/listinfo/389-users
>
--
*
___________________________________________________________*
*Aziza Lichir*
*
*
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.fedoraproject.org/pipermail/389-users/attachments/20130507/094cc4c3/attachment.html>
More information about the 389-users
mailing list