The Solaris docs will also be somewhat helpful for this: http://docs.sun.com/app/docs/doc/816-4556/6maort2st?a=view#clientsetup-57 Steve Rigler wrote: > On Mon, 2007-07-30 at 13:44 -0500, Saied W. Andalib wrote: > >> I have a Solaris 9 client and have configured it as a client of >> fds-1.0.4 which runs on RHEL5. Without TLS, the Solaris client >> authenticates against the fds fine. But, if TLS is enabled on the Sun >> client, the ldapsearch commands runs ok, but, authentication fails. >> The nscd logs the following error message: >> >> >> >> Jul 30 13:31:01 thread nscd[1172]: [ID 293258 user.error] libsldap: >> Status: 91 Mesg: openConnection: failed to initialize TLS security >> (security library: bad database.) >> >> Jul 30 13:31:01 thread nscd[1172]: [ID 293258 user.error] libsldap: >> Status: 7 Mesg: Session error no available conn. >> >> >> >> >> I think the problem is related to the certificates on the Sun client >> but I'm not sure... >> >> >> Thanks, >> >> SWA >> >> > > Do you have the certs copied to you Solaris client? > > There's an example here: > http://blogs.sun.com/baban/entry/steps_to_setup_ssl_using > > and here: > http://directory.fedoraproject.org/wiki/Howto:SolarisClient > > I've also seen references that say to point netscape at > https://yourserver:636, keep the certificate forever and > copy .netscape/{cert7.db,key3.db} to /var/ldap on your Solaris client. > > -Steve
