Hi,
I'm trying to configure OpenLDAP 2.4.23 (running on RHEL6.5) to use client-side certificates via the SASL/EXTERNAL mechanism. I have successfully configured server-side certs with TLS and was wanting to expand my configuration on the client-side.
If set the TLSClientVerify to "allow" or "try" and attempt to use "-Y EXTERNAL", I get the following message:
SASL/EXTERNAL authentication started ldap_sasl_interactive_bind_s: Unknown authentication method (-6) additional info: SASL (-4): no mechaism available:
If I do a search on the DSE, I get the following available methods:
dn: supportedSASLMechanisms: GSSAPI supportedSASLMechanisms: LOGIN supportedSASLMechanisms: CRAM-MD5 supportedSASLMechanisms: DIGEST-MD5 supportedSASLMechanisms: PLAIN
I know that other people are using this but nobody (here at work) knows why my particular configuration is getting this error. Can anyone help me figure this out?
Thanks,