On 1/6/2011 19:18, Michael Starling wrote:
I'm running openldap-2.3.43-12.el5 on a RHEL 5.5 system:
I find that TLS will not work if I use *uri ldap://10.3.5.207/ *in /etc/ldap.conf on my clients.
TLS magically starts working if I use the deprecated host directive instead:
So if I use *host 10.3.5.207* instead everything starts working:
Any insight as to what might be going on? Possibly a bug?
Here are my TLS directives on my clients:
#TLS settings
ssl start_tls
ssl on
tls_cacertdir /etc/openldap/cacerts
tls_cacertfile /etc/openldap/cacerts/slapdcert.pem
tls_checkpeer no
-Mike
Try using uri ldaps://10.3.5.207/.
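
Added example, not part of either message above: a small Python lint for the client's /etc/ldap.conf that flags the combinations visible in the quoted settings, reading "ssl on" as LDAP over SSL and "ssl start_tls" as StartTLS, as the nss_ldap documentation describes them. The lint() helper, its finding names and the SAMPLE text (constructed from the directives quoted in the thread) are assumptions made for illustration.

```python
# Added example: lint for the nss_ldap/pam_ldap client file (/etc/ldap.conf).
# SAMPLE is constructed from the directives quoted in the thread.
SAMPLE = """\
uri ldap://10.3.5.207/
#TLS settings
ssl start_tls
ssl on
tls_cacertdir /etc/openldap/cacerts
tls_cacertfile /etc/openldap/cacerts/slapdcert.pem
tls_checkpeer no
"""


def parse(text):
    """Return [(key, value)] in file order, skipping blanks and # comments."""
    pairs = []
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)  # directive, then the rest of the line
        pairs.append((parts[0].lower(), parts[1].strip() if len(parts) > 1 else ""))
    return pairs


def lint(text):
    """Hypothetical helper: return finding codes for one client config."""
    pairs = parse(text)
    ssl_modes = [v.lower() for k, v in pairs if k == "ssl"]
    uris = [u for k, v in pairs if k == "uri" for u in v.split()]
    findings = []
    if len(set(ssl_modes)) > 1:
        # start_tls upgrades a plain LDAP connection; on means LDAP over SSL
        findings.append("conflicting-ssl-modes")
    for uri in uris:
        scheme = uri.split("://", 1)[0].lower()
        if scheme == "ldap" and "on" in ssl_modes:
            findings.append("ldap-uri-with-ssl-on")
        if scheme == "ldaps" and "start_tls" in ssl_modes:
            findings.append("ldaps-uri-with-start-tls")
    if any(k == "tls_checkpeer" and v.lower() == "no" for k, v in pairs):
        # the server certificate is not verified, so the CA settings go unused
        findings.append("peer-cert-not-verified")
    return findings


if __name__ == "__main__":
    for finding in lint(SAMPLE):
        print(finding)
```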