--On Thursday, July 23, 2009 12:46 PM +0700 Olivier Nicole
<on@xxxxxxxxxxxx> wrote:
Hi,
Your log indicates its a TLS negotioation failure.
This may be missleading as I use SSL, not TLS.
Does it work if you don't use TLS?
If I configure without SSL:
ldap_servers: ldaps://ldap.cs.ait.ac.th/
If I configure with SSL:
ldap_servers: ldaps://ldap.cs.ait.ac.th/
What you say above makes zero sense to me. There are two types of LDAP
bits that can do SSL encryption:
(a) startTLS (ldap v3 RFC standard)
(b) ldaps://, usually on port 636. Not part of any standard, but a hack.
Now, what exactly do you mean by you configured without ssl but are using
ldaps://? That makes *no* sense.
At a guess, one of the problems you may be having on the saslauthd side is
that it can't find the CA cert to validate the connection.
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
