On 2011-02-21, at 15:09, Rob Crittenden wrote:

> Boy, it could be a lot of things. I'd start by checking the SELinux log 
> in /var/log/audit.log. Are you running in permissive or enforcing mode?

SELinux was disabled during the test

> telnet is not very effective on SSL ports, you might want to try a real 
> search. This assumes your IPA CA cert is in /etc/ipa/ca.crt:
> $ TLS_CACERT=/etc/ipa/ca.crt ldapsearch -H ldaps://`hostname` -x -b 
> 'dc=example,dc=com' uid=admin

It does not work. Connection is closing immediately. It does not work for ldap 
either. I attached telnet part just to show that connection is closing, as you 
can see it there clearly.

> Is the ns-slapd process going away or just refusing to accept 
> connections? Is anything in the access log after you try one?

> tcp        0      0 :::636                      :::*                        
> LISTEN      1307/ns-slapd
> tcp        0      0 :::389                      :::*                        
> LISTEN      1307/ns-slapd

As you can see in my original message, ns-slapd is running, listening, 
accepting connections, but closing them immediately. I will check alpha version 
mentioned by Simo.

Tomasz Z. NapieraƂa
Systems Architecture Engineer,
IT Infrastructure Department
Allegro Team

Freeipa-users mailing list

Reply via email to