What is the cn in the SSL certificate being used by the LDAP server?  It
seems odd that this would work at all with start tls, unless your SSL
certificate was set up oddly.

This is the beginning of the /etc/ldap/slapd-cert-ldap1.pem

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number: 2 (0x2)
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=SK, ST=Slovakia, L=Banska Bystrica, O=Mesto, OU=Referat informatiky, CN=ldap2.misbb.sk/[EMAIL PROTECTED]
        Validity
            Not Before: May  2 14:13:55 2004 GMT
            Not After : May  2 14:13:55 2005 GMT
        Subject: C=SK, ST=Slovakia, L=Banska Bystrica, O=Mesto, OU=Referat informatiky, CN=ldap1.misbb.sk/[EMAIL PROTECTED]
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
            RSA Public Key: (1024 bit)
                Modulus (1024 bit):



It seems that the certificate has expired already. However, there are some questionable circumstances:
1, it had been working alright before, a few weeks ago, on Sarge
2, it works even now for samba if localhost is specified (as mentioned before).
3, Linux clients with LDAP authentication don't comply
4, AFAIK, samba on the client doesn't comply (need to prove)
5, eGroupWare webserver with LDAP user authentication doesn't comply
6, if the date of the certificate was the right problem here, one would assume that someone would complain loudly with "certificate out of date" and end up regularly


Hrm, odd.  Are there any previous errors, possibly at a higher debug
level?  If this is on the LDAP socket, it suggests some pretty big
brokenness.


Please, suggest the right debug level that I should use.


Peter
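
Added example, not part of the original message or of any project named in it: a small check that reads the fields shown in the certificate dump above and reports expiry, whether the subject CN matches the host name a client connects to, and the legacy signature and key size. The function name check_cert_dump, the finding labels and the dates passed in are assumptions made for illustration; only the CN is compared, as the thread asks about, so subjectAltName and wildcards are not handled.

```python
import re
from datetime import datetime, timezone

# Constructed sample: header fields copied from the dump in the message above
# (the archive-redacted e-mail parts are left out).
SAMPLE_DUMP = """\
        Signature Algorithm: md5WithRSAEncryption
        Issuer: C=SK, ST=Slovakia, L=Banska Bystrica, O=Mesto, OU=Referat informatiky, CN=ldap2.misbb.sk
        Validity
            Not Before: May  2 14:13:55 2004 GMT
            Not After : May  2 14:13:55 2005 GMT
        Subject: C=SK, ST=Slovakia, L=Banska Bystrica, O=Mesto, OU=Referat informatiky, CN=ldap1.misbb.sk
            RSA Public Key: (1024 bit)
"""

def _field(dump, label):
    # First "label : value" line of an `openssl x509 -text` dump.
    m = re.search(r"^\s*" + label + r"\s*:\s*(.+?)\s*$", dump, re.MULTILINE)
    return m.group(1) if m else None

def _when(text):
    # openssl prints validity times as e.g. "May  2 14:13:55 2005 GMT".
    parsed = datetime.strptime(text, "%b %d %H:%M:%S %Y GMT")
    return parsed.replace(tzinfo=timezone.utc)

def check_cert_dump(dump, connect_host, now):
    """Hypothetical helper: list findings for one certificate text dump."""
    findings = []
    if now < _when(_field(dump, "Not Before")):
        findings.append("not-yet-valid")
    if now > _when(_field(dump, "Not After")):
        findings.append("expired")
    # Compare the subject CN with the name the client was told to connect to.
    cn = re.search(r"CN\s*=\s*([^,/\s]+)", _field(dump, "Subject") or "")
    if cn is None or cn.group(1).lower() != connect_host.lower():
        findings.append("name-mismatch")
    sig = _field(dump, "Signature Algorithm") or ""
    if re.match(r"(md2|md5|sha1)With", sig, re.IGNORECASE):
        findings.append("weak-signature")
    bits = re.search(r"Public Key: \((\d+) bit\)", dump)
    if bits and int(bits.group(1)) < 2048:
        findings.append("short-key")
    return findings

if __name__ == "__main__":
    for host in ("ldap1.misbb.sk", "localhost"):
        print(host, check_cert_dump(SAMPLE_DUMP, host, datetime.now(timezone.utc)))
```

Running the same check with each host name that appears in the clients' LDAP configuration shows which clients would see a name mismatch in addition to the expiry.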

