Emmanuel BILLOT a ?crit : > Many tests give the followibng result > > [root at ldapnew slapd-ldapnew]# /usr/lib/mozldap/ldapsearch -h > porlsvrdc0003.ird.fr -p 636 -D "cn=toutou,cn=Users,dc=ird,dc=fr" -w - > -Z -P /etc/dirsrv/slapd-ldapnew/cert8.db -s base -b "" "objectclass=*" > Enter bind password: > ldap_simple_bind: Can't contact LDAP server > SSL error -8183 (security library: improperly formatted > DER-encoded message.) > > However, cert seems to be ok: > - ldaps:636 works on ldap.exe client (Windows) > - ldaps:636 works on ldapsearch -x -H ldaps://porlsvrdc0003.ird.fr -D > "cn=toutou,cn=Users,dc=ird,dc=fr" -W -b "dc=ird,dc=fr" with the > "classic" ldapsearch client > > How can i debug it ? > > BR, > Ok i found what was wrong : the request.inf from which the req cert is generated contained an unknow item value [Extensions] 2.5.29.17=xxxxxxxx The inf file without the extensions section generate a good req file and then a valid cert. BR, -- ========================================== Emmanuel BILLOT IRD - Orl?ans D?l?gation aux Syst?mes d'Information (DSI) t?l : 02 38 49 95 88 ==========================================
