Authenticate Linux on Openldap

Aaron Bliss abliss at brockport.edu
Thu Jun 4 15:26:04 UTC 2009


If you run authconfig-tui and select the option to use TLS, it will tell you
where your OpenLDAP server's public cert needs to be copied to on your client
(/etc/openldap/cacerts, I believe).  After you put the cert in that
directory, authconfig will set up the necessary symbolic links for that to
work.  Be sure to follow the authconfig wizard carefully, including copying
(or having already copied) the cert before completing the wizard.

-----Original Message-----
From: redhat-list-bounces at redhat.com [mailto:redhat-list-bounces at redhat.com]
On Behalf Of Virgilio Antonio Araujo
Sent: Thursday, June 04, 2009 11:21 AM
To: redhat-list at redhat.com
Subject: Authenticate Linux on Openldap

Hi list, I was configuring an OpenLDAP server for the purpose of having the
Linux and Unix clients authenticate on the server. The authentication at the
server works perfectly without TLS. With TLS the connection keeps waiting and
doesn't work.
On the server I'm using the following syntax in slapd.conf.
...
TLSCipherSuite          HIGH:MEDIUM:+SSLv2:+SSLv3:RSA
TLSCACertificateFile    /etc/openldap/cacerts/server.pem
TLSCertificateFile      /etc/openldap/cacerts/server.pem
TLSCertificateKeyFile   /etc/openldap/cacerts/server.pem
TLSVerifyClient         allow
...

After that, I copied the client pem to the server and modified /etc/ldap.conf
as above:
...
uri ldaps://spas031elc/
#ssl start_tls
tls_cacertdir /etc/openldap/cacerts
pam_password md5
...

And /etc/openldap/ldap.conf
...
URI ldaps://spas031elc/
BASE dc=elucid,dc=int
TLS_CACERTDIR /etc/openldap/cacerts
...

I followed the documentation at:
http://www.linuxhomenetworking.com/wiki/index.php/Quick_HOWTO_:_Ch31_:_Centralized_Logins_Using_LDAP_and_RADIUS

Has anyone had this problem?
Thanks for the help...




-- 
Virgilio Antonio Araujo
-----------------------------
RHCT
LPIC 3
Mandriva
+55(11)8060-9745
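
The reply's point about symbolic links in /etc/openldap/cacerts, and the client /etc/ldap.conf quoted above, as a small audit script. This is an added example, not code from either poster; the function names are hypothetical, and the 8-hex-digit `<hash>.N` pattern assumes an OpenSSL-style CA directory. It checks only that such a link exists and resolves, not that its hash matches the certificate.

```shell
#!/usr/bin/env bash
# Added example (not from the thread): audit an nss_ldap/pam_ldap client config.

# conf_value FILE KEY: last value given for KEY (case-insensitive); "#..." lines never match.
conf_value() {
    awk -v k="$2" 'tolower($1) == tolower(k) { v = $2 } END { print v }' "$1"
}

# hashed_links DIR: count entries named <8 hex digits>.<n> that resolve to a readable file.
# Assumption: the CA directory is searched by those names, not by names like server.pem.
hashed_links() {
    local n=0 f
    for f in "$1"/*; do
        case "${f##*/}" in
            [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*)
                if [ -r "$f" ]; then n=$((n + 1)); fi ;;
        esac
    done
    echo "$n"
}

# audit_ldap_conf FILE: print one finding per line; return 0 when nothing is flagged.
audit_ldap_conf() {
    local uri ssl dir rc=0
    uri=$(conf_value "$1" uri)
    ssl=$(conf_value "$1" ssl)
    dir=$(conf_value "$1" tls_cacertdir)
    case "$uri" in
        ldaps://*) if [ "$ssl" = start_tls ]; then
                       echo "MIXED: ldaps:// already runs over TLS, drop 'ssl start_tls'"; rc=1
                   fi ;;
        ldap://*)  if [ "$ssl" != start_tls ]; then
                       echo "NOSTARTTLS: ldap:// uri without 'ssl start_tls'"; rc=1
                   fi ;;
        *)         echo "NOURI: no ldap:// or ldaps:// uri set"; rc=1 ;;
    esac
    if [ -n "$dir" ] && [ "$(hashed_links "$dir")" -eq 0 ]; then
        echo "NOHASH: $dir holds no <hash>.N link to a CA certificate"; rc=1
    fi
    return "$rc"
}

# Constructed demo: the quoted client settings, with a CA directory holding only server.pem.
demo=$(mktemp -d)
touch "$demo/server.pem"
printf 'uri ldaps://spas031elc/\n#ssl start_tls\ntls_cacertdir %s\npam_password md5\n' \
    "$demo" > "$demo/ldap.conf"
audit_ldap_conf "$demo/ldap.conf" || true    # prints the NOHASH finding
rm -rf "$demo"
```

On a real client, run `audit_ldap_conf /etc/ldap.conf` after completing the authconfig wizard.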