Hi Dieter,

Thanks for the reply,

This server was only for testing purposes, so, that's why I used a self-signed certificate.

I got it working, the issue, as stupid as it is, was that I was editing the wrong ldap.conf file (Mac OSX has one on /etc/openldap and other on /opt/local/etc/openldap, which was the one being used).


On Thu, May 20, 2010 at 3:09 AM, Dieter Kluenter <dieter@dkluenter.de> wrote:
Marcelo de Moraes Serpa <celoserpa@gmail.com> writes:

> Hello all,
> I hope someone could help me -- I'm trying for almost one whole day already
> and couldn't get LDAP over SSL to work, without success.
> I have generated a self-signed certificate using this command:
> sudo openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout
> server.pem -days 3650

This is not the proper way to create a certificate chain.
1. create a certificate authority
2. create a server certificate
3. sign the server certificate with the CA
4. extract the password from server certificate into a key

You may use tinyCA to create the chain


Dieter Klünter | Systemberatung
sip: +49.40.20932173