>>
>> zmlocalconfig -e ldap_master_url=ldaps://mail.domain.com:636
>> zmlocalconfig -e ldap_url=ldaps://mail.domain.com:636
>> zmlocalconfig -e ldap_starttls_supported=0
>> zmlocalconfig -e ldap_port=636
>> zmcontrol stop && zmcontrol start
>
> I don't know what the above do but presuming it is all on the server side.

I did this on the Zimbra server to enable ldaps. Followed the link
http://wiki.zimbra.com/wiki/How_to_enable_ldaps

>> ldapsearch -x -v -H 'ldaps://mail.domain.com/' -b
>> 'ou=people,dc=domain,dc=com' -D
>> 'uid=test1,ou=people,dc=domain,dc=com' -W -d -1

If I run the above command within the Zimbra server, it works well,
i.e. it gives all the entries in the LDAP server.

If I run the same command from any other machine, aka my laptop,
it ends with an error.

TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

> -ZZ is missing see above.

Adding -ZZ gives the same error.

> Can you contact the LDAP server in text mode? i.e. telnet <ipNumber> 389
> Like so:
>
> $ telnet sas-alix 389
> Trying 172.16.0.1...
> Connected to sas-alix.xxxxxx.xxxxxx.xxx
> Escape character is '^]'.

I can connect to it via telnet.

telnet <ipNumber> 636

gives the same output as above.

>> What is meant by the error?
>> TLS: peer cert untrusted or revoked (0x42)
>>
>> In server side, in the file /etc/openldap/ldap.conf
> I believe this is the conf file for the client. The server side conf
> file is slapd.conf (man slapd.conf for TLS settings)

/etc/openldap/ldap.conf is for server side only.
Cannot find the file slapd.conf in my Zimbra server.

--
Regards,
T.Shrinivasan

My Life with GNU/Linux : http://goinggnu.wordpress.com
Free/Open Source Jobs : http://fossjobs.in

Get CollabNet Subversion Edge : http://www.collab.net/svnedge
_______________________________________________
ILUGC Mailing List:
http://www.ae.iitm.ac.in/mailman/listinfo/ilugc
