[Freeipa-devel] LDAPS for the IPA LDAP server?

Stephen Gallagher sgallagh at redhat.com
Tue Nov 8 13:18:44 UTC 2011


On Mon, 2011-11-07 at 21:24 -0500, Adam Young wrote:
> I noticed that the PKI Directory server has a secure port set but the 
> IPA DS instance does not:
> 
> PKI
> nsslapd-secureport: 7390
> 
> Why doesn't IPA set up ldaps on port 636?


I think you're confused. FreeIPA does indeed set up to listen on both
636 (LDAPS) and 389 (LDAP/TLS) by default.

Take a look at 'netstat -lptn' as root.

If you cannot connect to the LDAPS port, it may be due to a firewall
issue or a certificate issue (make sure you have the FreeIPA CA cert
loaded in /etc/openldap/cacerts and have called cacertdir_rehash on that
directory)
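
The two checks suggested in this reply, as an added shell example that is not part of the original message. The function names `port_listening` and `unhashed_certs` and the sample netstat output are constructed for illustration; the hash-link naming (`<8 hex digits>.<n>`) is the OpenSSL-style CA directory layout that cacertdir_rehash produces.

```shell
#!/bin/sh
# Added example (not from the original message): helpers for the two checks.

# Constructed sample of `netstat -lptn` output; PIDs are made up.
SAMPLE_NETSTAT='Proto Recv-Q Send-Q Local Address  Foreign Address  State   PID/Program name
tcp        0      0 0.0.0.0:22     0.0.0.0:*        LISTEN  1021/sshd
tcp        0      0 :::389         :::*             LISTEN  1533/ns-slapd
tcp        0      0 :::636         :::*             LISTEN  1533/ns-slapd
tcp        0      0 :::7390        :::*             LISTEN  1490/ns-slapd'

# port_listening PORT
# Reads `netstat -lptn` output on stdin. Succeeds only if a LISTEN socket is
# bound to exactly PORT (the last ':'-separated field of the local address),
# so a listener on 7390 is not mistaken for one on 390.
port_listening() {
    awk -v port="$1" '
        $6 == "LISTEN" { n = split($4, a, ":"); if (a[n] == port) found = 1 }
        END { exit (found ? 0 : 1) }'
}

# unhashed_certs DIR
# Prints every *.pem / *.crt file in DIR that no <8 hex digits>.<n> symlink
# points to, i.e. a certificate the rehash step has not processed and that a
# hash-name lookup in the CA directory would therefore not find.
unhashed_certs() {
    for cert in "$1"/*.pem "$1"/*.crt; do
        if [ -f "$cert" ] && [ ! -L "$cert" ]; then
            linked=no
            for link in "$1"/[0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*; do
                if [ -L "$link" ]; then
                    target=$(basename "$(readlink "$link")")
                    if [ "$target" = "$(basename "$cert")" ]; then
                        linked=yes
                    fi
                fi
            done
            if [ "$linked" = no ]; then
                basename "$cert"
            fi
        fi
    done
}

# Live use, as root:
#   netstat -lptn | port_listening 636 && echo "LDAPS is listening"
#   unhashed_certs /etc/openldap/cacerts
```

Any file name printed by `unhashed_certs` means cacertdir_rehash still needs to be run on that directory.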