Hi Dieter,
Thanks for the reply,
This server was only for testing purposes, so, that's why I used a self-signed certificate.
I got it working; the issue, as stupid as it is, was that I was editing the wrong ldap.conf file (Mac OS X has one in /etc/openldap and another in /opt/local/etc/openldap, which was the one being used).
Marcelo.
On Thu, May 20, 2010 at 3:09 AM, Dieter Kluenter dieter@dkluenter.de wrote:
Marcelo de Moraes Serpa celoserpa@gmail.com writes:
Hello all,
I hope someone could help me -- I'm trying for almost one whole day already and couldn't get LDAP over SSL to work, without success.
[...]
I have generated a self-signed certificate using this command:
sudo openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
[...]
This is not the proper way to create a certificate chain.
- create a certificate authority
- create a server certificate
- sign the server certificate with the CA
- extract the password from server certificate into a key
You may use tinyCA to create the chain http://tinyca.sm-zone.net/index.html
-Dieter
--
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
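
The four steps Dieter lists, written out with the openssl command line as an added example that is not part of the original thread. The function names, file names, the CA name "Test LDAP CA" and the host name passed in are constructed for illustration, and the keys are 2048-bit RSA rather than the 1024-bit key in the quoted command.

```shell
#!/bin/sh
# build_chain DIR HOST: create a CA and a CA-signed server certificate in DIR.
build_chain() {
    dir=$1 host=$2
    mkdir -p "$dir" || return 1
    # Private config so the result does not depend on the system openssl.cnf.
    cat > "$dir/openssl.cnf" <<EOF
[req]
distinguished_name = dn
prompt = no
[dn]
CN = placeholder
[v3_ca]
basicConstraints = critical,CA:TRUE
keyUsage = critical,keyCertSign,cRLSign
[v3_server]
basicConstraints = CA:FALSE
extendedKeyUsage = serverAuth
subjectAltName = DNS:$host
EOF
    # Step 1: certificate authority (key plus self-signed root certificate).
    openssl req -x509 -config "$dir/openssl.cnf" -extensions v3_ca \
        -subj "/CN=Test LDAP CA" -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    # Step 2: server key and signing request. -nodes writes the key without a
    # passphrase, which covers step 4 (the server can read it unattended).
    openssl req -new -config "$dir/openssl.cnf" -subj "/CN=$host" \
        -newkey rsa:2048 -nodes -sha256 \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
    # Step 3: sign the request with the CA, adding the server extensions.
    openssl x509 -req -in "$dir/server.csr" -CA "$dir/ca.pem" \
        -CAkey "$dir/ca.key" -CAcreateserial -sha256 -days 365 \
        -extfile "$dir/openssl.cnf" -extensions v3_server \
        -out "$dir/server.pem" 2>/dev/null || return 1
    chmod 600 "$dir/ca.key" "$dir/server.key"
}

# verify_against CA_DIR SERVER_DIR: succeeds only if the server certificate
# in SERVER_DIR chains to the CA in CA_DIR.
verify_against() {
    openssl verify -CAfile "$1/ca.pem" "$2/server.pem" >/dev/null 2>&1
}

# key_matches DIR: succeeds if server.key belongs to server.pem.
key_matches() {
    [ "$(openssl x509 -in "$1/server.pem" -noout -pubkey)" = \
      "$(openssl pkey -in "$1/server.key" -pubout)" ]
}
```

Clients then need to trust only `ca.pem`, for example through `TLS_CACERT` in whichever ldap.conf the client actually reads.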