George Holbert
Thu, 16 Feb 2006 14:17:23 -0800
how did you verify that SSL is working? Did you sniff it or what?
Yes, using snoop.I should say I didn't debug it using ldapsearch, so I'm still not sure what's going on with that in your case. But, since your end goal is ldap name service over SSL, have you tried that yet on the Solaris 10 client? If nothing else, it might spew some error messages (in /var/adm/messages) that give some new clues.
Susan wrote:
--- George Holbert <[EMAIL PROTECTED]> wrote:*|# Add your ascii CA certificate to the cert DB. certutil -A -n "Susan's CA" -t "C,," -a -i ./susans-cacert.pem -d /var/ldap # List the contents of your cert DB. |***|certutil -L -d /var/ldap|**did all that, imported w/o problems: -bash-3.00# /usr/sfw/bin/certutil -L -d /var/ldapCA certificate C,,________________________________________________ However, this: ldapsearch -b "ou=profile,dc=composers,dc=company,dc=com" -h cnyitlin02 -L "cn=*" -Z -p 636 -P /var/ldap/ still transmits clear text.Try this first using certutil as included with Solaris 10 (/usr/sfw/bin/certutil). I think this will create a cert8 file.It does. Doesn't seem to do any good, however. how did you verify that SSL is working? Did you sniff it or what? __________________________________________________ Do You Yahoo!?Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users
-- Fedora-directory-users mailing list Fedora-directory-users@redhat.com https://www.redhat.com/mailman/listinfo/fedora-directory-users