I ran into various issues with OpenLDAP + SSL/TLS. Finally, I ended up tunneling via stunnel. Something you might want to consider?

 

 

Siddhartha

 

 

 

 

From: openldap-technical-bounces+sjain=silverspringnet.com@openldap.org [mailto:openldap-technical-bounces+sjain=silverspringnet.com@openldap.org] On Behalf Of Lynn York
Sent: Monday, April 12, 2010 8:14 AM
To: openldap-technical@openldap.org
Subject: Problem with SSL/TLS

 

I have created a cert. on the server and openldap starts without any issues, however when I attempt to connect via ldaps I keep getting the following error:

 

 

ldapsearch -x -H ldaps://localhost:636 -D "cn=Manager,dc=testing,dc=com" -W -b "dc=testing,dc=com" "(objectClass=top)"

Enter LDAP Password:

ldap_bind: Can't contact LDAP server (-1)

        additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

 

I can’t quite pin point what the problem might be. 

 

Lynn York II

MavenWire Hosting Admin

www.mavenwire.com

(866) 343-4870 x717

 

MavenWire - We DELIVER

http://www.mavenwire.com

 

This e-mail and any attached files may contain confidential and/or privileged material for the sole use of the intended recipient.  Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive this e-mail for the recipient), you may not review, copy or distribute this message.  Please contact the sender by reply e-mail and delete all copies of this message.

 

MavenWire - We DELIVER
http://www.mavenwire.com
 
This e-mail and any attached files may contain confidential and/or privileged material for the sole use of the intended recipient.  Any review, use, distribution or disclosure by others is strictly prohibited. If you are not the intended recipient (or authorized to receive this e-mail for the recipient), you may not review, copy or distribute this message.  Please contact the sender by reply e-mail and delete all copies of this message.