I'm trying to configure Postgres to connect to my university's LDAP server to authenticate database users. In my pg_hba.conf, I have: > hostssl all +members 129.21.0.0/16 ldap "ldaps://ldap.rit.edu:636/ou=people,dc=rit,dc=edu;uid=" These are the same connection settings I'm using successfully in Apache. When I try to connect as an LDAP-authenticated user, I get the following error in the logs: > 2009-04-08 22:15:13 EDT LOG: could not start LDAP TLS session: error code -1 > 2009-04-08 22:15:13 EDT FATAL: LDAP authentication failed for user "pkf1214" I'm not sure why it doesn't want to start TLS. I've got the appropriate CA certificates listed in my /etc/ldap/ldap.conf: > TLS_CACERT /etc/ssl/certs/ca-certificates.crt I'm on Ubuntu, and this file is a concatenated list of all the CA certificates, including the LDAP server's CA. I've confirmed this should work under normal circumstances -- if I connect to LDAP in, say, Python, startTLS works just fine. Any ideas? Is there a way I can turn on extra debugging to get out a more detailed error message? Thanks in advance! Paul Fisher -- Sent via pgsql-general mailing list (pgsql-general@xxxxxxxxxxxxxx) To make changes to your subscription: http://www.postgresql.org/mailpref/pgsql-general
