[Fedora-directory-users] getting sh on RHAS5 to work with FDS.
Steven Jones
Steven.Jones at vuw.ac.nz
Tue Sep 18 01:28:23 UTC 2007
An "improved" ldap.conf (with no ssl/TLS) for RHAS5
===============
# http://www.padl.com
base dc=vuw,dc=ac,dc=nz
pam_password md5
BASE dc=vuw,dc=ac,dc=nz
TLS_REQCERT never
uri ldap://ldap.vuw.ac.nz/
ssl no
tls_cacertdir /etc/openldap/cacerts
===============
Trying TLS with,
===============
#ssl setup
# http://www.padl.com
base dc=vuw,dc=ac,dc=nz
pam_password md5
BASE dc=vuw,dc=ac,dc=nz
TLS_REQCERT allow
#TLS_REQCERT never
host ldap.vuw.ac.nz
ssl start_tls
uri ldap://ldap.vuw.ac.nz/
tls_cacertdir /etc/openldap/cacerts
===============
Produces this error,
[root@vuwunicoadmin01 etc]# ldapsearch -x -ZZ '(uid=jonesst1)'
ldap_start_tls: Connect error (-11)
additional info: TLS: hostname does not match CN in peer certificate
Which is an interesting error.....
regards
Steven
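
An added example, not part of the original post: a Python check that reads an ldap.conf like the StartTLS one above, collects the hostnames from `host` and `uri`, and compares them with the names in the server certificate, which is the comparison behind the "hostname does not match CN" error. The certificate name `ds1.example.test` and all function names are assumptions for illustration, and the matching rule (dNSName entries if present, otherwise CN, wildcard only as the leftmost label) is a simplified model, not OpenLDAP's own code.

```python
from urllib.parse import urlparse

# Constructed sample: the StartTLS settings from the post above.
LDAP_CONF = """\
base dc=vuw,dc=ac,dc=nz
TLS_REQCERT allow
host ldap.vuw.ac.nz
ssl start_tls
uri ldap://ldap.vuw.ac.nz/
tls_cacertdir /etc/openldap/cacerts
"""

def parse_conf(text):
    """Return {lowercased directive: [values]}, skipping comments and blanks."""
    conf = {}
    for line in text.splitlines():
        parts = line.split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf.setdefault(parts[0].lower(), []).append(parts[1] if len(parts) > 1 else "")
    return conf

def client_hostnames(conf):
    """Hostnames the client connects to, taken from `host` and `uri`."""
    hosts = {h for v in conf.get("host", []) for h in v.split()}
    for v in conf.get("uri", []):
        hosts.update(urlparse(u).hostname for u in v.split())
    return {h for h in hosts if h}

def name_matches(pattern, host):
    """Case-insensitive compare; '*' is accepted only as the whole leftmost label."""
    p, h = pattern.lower().rstrip("."), host.lower().rstrip(".")
    if p.startswith("*."):
        return "." in h and h.split(".", 1)[1] == p[2:]
    return p == h

def audit(conf_text, cert_cn, cert_san_dns=()):
    """List reasons a verifying client would, or should, refuse this setup."""
    conf = parse_conf(conf_text)
    names = list(cert_san_dns) or [cert_cn]  # simplified: SAN dNSNames, else CN
    findings = [f"{host} is not among certificate names {names}"
                for host in sorted(client_hostnames(conf))
                if not any(name_matches(n, host) for n in names)]
    level = (conf.get("tls_reqcert") or ["demand"])[-1].strip().lower()
    if level in ("never", "allow"):
        findings.append(f"TLS_REQCERT {level} lets a session proceed with a bad certificate")
    return findings

if __name__ == "__main__":
    # ds1.example.test is a constructed certificate CN, not taken from the post.
    for finding in audit(LDAP_CONF, "ds1.example.test"):
        print(finding)
```

The certificate names to pass in can be read from the server certificate with `openssl x509 -noout -subject -in <file>`.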