<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN">
<HTML><HEAD>
<META http-equiv=Content-Type content="text/html; charset=us-ascii">
<META content="MSHTML 6.00.2900.2802" name=GENERATOR></HEAD>
<BODY>
<DIV><FONT face=Arial><FONT color=#0000ff><FONT size=2><SPAN
class=353243700-18012006>this works great from a redhat 4 box, however from my
redhat 3 box I receive the following
error:</SPAN></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT face=Arial><FONT color=#0000ff><FONT size=2>ldapsearch -x
-ZZ '(uid<SPAN class=353243700-18012006> =azb</SPAN>)'<BR><SPAN
class=353243700-18012006> </SPAN></FONT></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2>ldap_start_tls:
Connect error<BR> additional info:
Start TLS request accepted.Server willing to negotiate SSL.<SPAN
class=353243700-18012006> </SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006></SPAN></FONT></FONT></FONT></FONT> </DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>relevant entries of /etc/ldap.conf look like
this:</SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>pam_password md5<BR>ssl start_tls<BR>ssl
on<BR>tls_cacertfile /etc/openldap/cacerts/cacert.pem<BR>tls_cacertdir
/etc/openldap/cacerts/<BR></SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>client has read and execute to the ca
certificate</SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006></SPAN></FONT></FONT></FONT></FONT> </DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>relavent entries of
/etc/openldap/ldap.conf</SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>TLS_CACERTDIR /etc/openldap/cacerts<BR>TLS_REQCERT
allow<BR></SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>I'm just trying to verify that ssl logins are working
from the redhat 3 box; secure logins from the redhat 4 box work fine.
Thanks very much for your help.</SPAN></FONT></FONT></FONT></FONT></DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006></SPAN></FONT></FONT></FONT></FONT> </DIV>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006>Aaron</DIV></SPAN></FONT></FONT></FONT></FONT>
<DIV><FONT><FONT><FONT><FONT face=Arial color=#0000ff size=2><SPAN
class=353243700-18012006> </SPAN><BR></DIV></FONT></FONT></FONT></FONT></BODY><!--[object_id=#preferredcare.org#]--><P align=left><FONT face=Tahoma size=2><FONT color=#0000ff><A href="http://www.preferredcare.org">www.preferredcare.org</A><BR>"An Outstanding Member Experience," Preferred Care HMO Plans -- J. D. Power and Associates</FONT></FONT></P>
<P align=left><FONT face=Tahoma size=2><FONT color=#0000ff>Confidentiality Notice:<BR>The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received.</FONT></FONT></P></HTML>