Hi All, I am trying to use either SSL or TLS with the pam_ldap 167 on redhat 9.0. However, each time I attempt to connect using ldaps there is a segmentation fault. I have searched the archives for a solution but I found very little on this subject. I am using the following command. ldapsearch -d1 -H ldaps://limkdc1.ad.analog.com "cn=Gallagher\, Niall,ou=Users,ou=LIMK-E,dc=ad,dc=analog,dc=com" Which produces the output shown below. The ldapsearch will work if ldap is used instead of ldaps which leads me to believe that the problem lies with SSL certificates or somthing similar. ldap_create ldap_url_parse_ext(ldaps://limkdc1.ad.analog.com) ldap_pvt_sasl_getmech ldap_search put_filter "(objectclass=*)" put_filter: simple put_simple_filter "objectclass=*" ldap_send_initial_request ldap_new_connection ldap_int_open_connection ldap_connect_to_host: limkdc1.ad.analog.com ldap_new_socket: 3 ldap_prepare_socket: 3 ldap_connect_to_host: Trying 10.32.51.110:636 ldap_connect_timeout: fd: 3 tm: -1 async: 0 ldap_ndelay_on: 3 ldap_is_sock_ready: 3 ldap_ndelay_off: 3 ldap_int_sasl_open: host=limkdc1.ad.analog.com TLS trace: SSL_connect:before/connect initialization TLS trace: SSL_connect:SSLv2/v3 write client hello A TLS trace: SSL_connect:SSLv3 read server hello A TLS certificate verification: depth: 0, subject: /CN=limkdc1.ad.analog.com, issuer: /DC=com/DC=analog/DC=ad/CN=Analog Enterprise Root CA TLS trace: SSL_connect:SSLv3 read server certificate A TLS trace: SSL_connect:SSLv3 read server certificate request A TLS trace: SSL_connect:SSLv3 read server done A TLS trace: SSL_connect:SSLv3 write client certificate A TLS trace: SSL_connect:SSLv3 write client key exchange A TLS trace: SSL_connect:SSLv3 write change cipher spec A TLS trace: SSL_connect:SSLv3 write finished A TLS trace: SSL_connect:SSLv3 flush data TLS trace: SSL_connect:SSLv3 read finished A Segmentation fault Any help would be appreciated, also if anyone has had success in using MD5 for secure transmission between pam_ldap and Microsoft Active Directory I would appreciate any tips. Regards, Niall _______________________________________________ Pam-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/pam-list
