all set, not sure why, but changing line in
/etc/openldap/ldap.conf to TLS_CACERT
/etc/openldap/cacerts/cacert.pem
took care of it; thanks again.
took care of it; thanks again.
Aaron
From: fedora-directory-users-bounces@xxxxxxxxxx [mailto:fedora-directory-users-bounces@xxxxxxxxxx] On Behalf Of Bliss, Aaron
Sent: Tuesday, January 17, 2006 7:47 PM
To: fedora-directory-users@xxxxxxxxxx
Subject: weird error when querying directory server
this works great from a redhat 4 box, however from my
redhat 3 box I receive the following
error:
ldapsearch -x -ZZ '(uid =azb)'
ldap_start_tls: Connect
error
additional info: Start TLS request accepted.Server willing to negotiate SSL.
additional info: Start TLS request accepted.Server willing to negotiate SSL.
relevant entries of /etc/ldap.conf look
like this:
pam_password md5
ssl start_tls
ssl on
tls_cacertfile /etc/openldap/cacerts/cacert.pem
tls_cacertdir /etc/openldap/cacerts/
ssl start_tls
ssl on
tls_cacertfile /etc/openldap/cacerts/cacert.pem
tls_cacertdir /etc/openldap/cacerts/
client has read and execute to the ca
certificate
relavent entries of
/etc/openldap/ldap.conf
TLS_CACERTDIR
/etc/openldap/cacerts
TLS_REQCERT allow
TLS_REQCERT allow
I'm just trying to verify that ssl logins
are working from the redhat 3 box; secure logins from the redhat 4 box work
fine. Thanks very much for your
help.
Aaron
www.preferredcare.org
"An Outstanding
Member Experience," Preferred Care HMO Plans -- J. D. Power and
Associates
Confidentiality
Notice:
The information contained in this electronic message is intended for
the exclusive use of the individual or entity named above and may contain
privileged or confidential information. If the reader of this message is
not the intended recipient or the employee or agent responsible to deliver it to
the intended recipient, you are hereby notified that dissemination, distribution
or copying of this information is prohibited. If you have received this
communication in error, please notify the sender immediately by telephone and
destroy the copies you received.
-- Fedora-directory-users mailing list Fedora-directory-users@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-directory-users
