I'm trying to configure OpenLDAP 2.4.23 (running on RHEL6.5) to use
client-side certificates via the SASL/EXTERNAL mechanism. I have
successfully configured server-side certs with TLS and was wanting to
expand my configuration on the client-side.
If set the TLSClientVerify to "allow" or "try" and attempt to use
EXTERNAL", I get the following message:
SASL/EXTERNAL authentication started
ldap_sasl_interactive_bind_s: Unknown authentication method (-6)
additional info: SASL (-4): no mechaism available:
If I do a search on the DSE, I get the following available methods:
I know that other people are using this but nobody (here at work) knows why
my particular configuration is getting this error. Can anyone help me
figure this out?