On Tuesday 04 March 2008 07:57:03 Padmavathi Dt wrote:
Hii List,
We have installed and configured our openLDAP-2.4.7 on RedHat LINUX
Out of interest, what version of RedHat LINUX ?
machine using simple configure( . /configure) without any options.
Did you have a suitable SSL library's development files (headers, linking library) installed ? Did you check whether configure found a suitable SSL library, and enabled SSL support?
It has been working fine.Now we want to use SSL with that we are using openssl-0.9.7g package.We got all the required certificates. Now the problem is that,when I run the following command:
/usr/local/etc/openldap/slapd.conf -d127 -h "ldap:/// ldaps:///"
It is giving the following error message:
ldap_pvt_gethostbyname_a: host=as3, r=0 daemon_init: ldap:/// ldaps:/// daemon_init: listen on ldap:/// daemon_init: listen on ldaps:/// daemon_init: 2 listeners to open... ldap_url_parse_ext(ldap:///) daemon: listener initialized ldap:/// ldap_url_parse_ext(ldaps:///) daemon: TLS not supported (ldaps:///) slapd stopped. connections_destroy: nothing to destroy.
From this I can understand that ,TLS is not supported.what should I do
now? One more question.Is there any difference between enabling SSL and TLS ? please help me( It is difficult to rebuild openldap again,as there are many applications that are using our current LDAP)
Compilation should not be impacted by home many applications are "using your current LDAP". Any sane environment should be deployed with some kind of software management tool (such as rpm), in which case you would build the software independently of installing it. This would also allow you to test the configuration on a different machine first, before deploying it etc. etc.
If you are running Red Hat Enterprise Linux (3, 4 or 5), you may want to look here:
http://staff.telkomsa.net/packages/
(2.4.8 and 2.3.41 coming ... just have some hardware issues on our internal package repo to sort out before I can afford time building packages ...).
Regards, Buchan