how did you verify that SSL is working? Did you sniff it or what?
Yes, using snoop.
I should say I didn't debug it using ldapsearch, so I'm still not sure
what's going on with that in your case. But, since your end goal is
ldap name service over SSL, have you tried that yet on the Solaris 10
client? If nothing else, it might spew some error messages (in
/var/adm/messages) that give some new clues.
Susan wrote:
--- George Holbert <gholbert@xxxxxxxxxxxx> wrote:
*|# Add your ascii CA certificate to the cert DB.
certutil -A -n "Susan's CA" -t "C,," -a -i ./susans-cacert.pem -d /var/ldap
# List the contents of your cert DB.
|***|certutil -L -d /var/ldap|**
did all that, imported w/o problems:
-bash-3.00# /usr/sfw/bin/certutil -L -d /var/ldap
CA certificate C,,
________________________________________________
However, this:
ldapsearch -b "ou=profile,dc=composers,dc=company,dc=com" -h cnyitlin02 -L "cn=*" -Z -p 636 -P
/var/ldap/
still transmits clear text.
Try this first using certutil as included with Solaris 10
(/usr/sfw/bin/certutil). I think this will create a cert8 file.
It does. Doesn't seem to do any good, however.
how did you verify that SSL is working? Did you sniff it or what?
__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
