TLS Issue

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Thu, Jul 24, 2008 at 03:11:59PM +0000, Dharmin Mandalia wrote:
> I've enabled TLS and am getting below error msg's in /var/log/secure file on Fedora 9, which is my newly configured FDS , if disable TLS , am able to ssh onto the FDS server and with TLS enabled unable to login via ssh.
[snip]
> sshd[5487]: nss_ldap: could not search LDAP server - Server is unavailable
[snip]
> /etc/ldap.conf file on Fedora 9, (FDS server ) shows as :-
[snip]
> ssl start_tls
> tls_checkpeer yes
> tls_cacertfile  /etc/openldap/cacerts/cacert.asc
> pam_password md5
> uri ldap://127.0.0.1/
> tls_cacertdir /etc/openldap/cacerts

If you're using SSL or TLS, the LDAP client library is going to compare
the names in the certificate that the server uses against the value that
was given in the client's configuration (in this case "127.0.0.1"), and
it looks like they're not matching up here.

Typically the certificate uses an actual hostname as a "CN" value in its
subject, so you'd need to specify the server URI using a hostname rather
than an IP address to make sure that they match.

If that's not what's going on here, please post a copy of the
certificate that the server's using so that we can have a look.

HTH,

Nalin




[Index of Archives]     [Fedora User Discussion]     [Older Fedora Users]     [Fedora Announce]     [Fedora Package Announce]     [EPEL Announce]     [Fedora News]     [Fedora Cloud]     [Fedora Advisory Board]     [Fedora Education]     [Fedora Security]     [Fedora Scitech]     [Fedora Robotics]     [Fedora Maintainers]     [Fedora Infrastructure]     [Fedora Websites]     [Anaconda Devel]     [Fedora Devel Java]     [Fedora Legacy]     [Fedora Desktop]     [Fedora Fonts]     [ATA RAID]     [Fedora Marketing]     [Fedora Management Tools]     [Fedora Mentors]     [Fedora Package Review]     [Fedora R Devel]     [Fedora PHP Devel]     [Kickstart]     [Fedora Music]     [Fedora Packaging]     [Centos]     [Fedora SELinux]     [Fedora Legal]     [Fedora Kernel]     [Fedora QA]     [Fedora Triage]     [Fedora OCaml]     [Coolkey]     [Virtualization Tools]     [ET Management Tools]     [Yum Users]     [Tux]     [Yosemite News]     [Yosemite Photos]     [Linux Apps]     [Maemo Users]     [Gnome Users]     [KDE Users]     [Fedora Tools]     [Fedora Art]     [Fedora Docs]     [Maemo Users]     [Asterisk PBX]     [Fedora Sparc]     [Fedora Universal Network Connector]     [Fedora ARM]

  Powered by Linux