Hi, Here I'm another time with my LDAP tests. In this moment my situation is the following one:
I've installed this software: Solaris 8 Cyrus IMAP 2.1.13 Cyrus SASL 2.1.15 OpenLDAP 2.1.22 libraries OpenSSL 0.9.6 Saslauthd works fine with ldap authentication against my Lotus Domino eDirectory. My Cyrus IMAP server and my LDAP server aren't in the same machine. Now, in my next step, I can't to authenticate saslauthd with ldaps. I'm sure the CA certificate is correct and my LDAP server accepts SSL connections because I can consult the LDAP directory in another type of clients like Netscape 7 or Explorer 6. This is my /usr/local/etc/saslauthd.conf : #ldap_servers: ldap://myserver.upc.es/ ldap_servers: ldaps://myserver.upc.es/ ldap_bind_dn: cn=UsuariProves1,o=LCX ldap_bind_pw: contrasenya ldap_filter: (&(cn=%u) (objectclass=person)) ldap_tls_cacert_file: /var/imap/certs/escert.cer --> I've tested too with the escert.pem file but the results is the same this is the response when I make the test: > saslauthd -a ldap > testsaslauthd -u usuariproves1 -p contrasenya 0: NO "authentication failed" and the results in the /var/log/auth.log file: Sep 9 13:40:58 delius saslauthd[1260]: [ID 390612 auth.warning] ldap_simple_bind() failed as cn=UsuariProves1,o=LCX (Can't contact LDAP server) Sep 9 13:40:58 delius saslauthd[1260]: [ID 462440 auth.warning] lak_bind() failed Sep 9 13:40:58 delius saslauthd[1260]: [ID 285309 auth.info] do_auth : auth failure: [user=usuariproves1] [service=imap] [realm=] [mech=ldap] [reason=Unknown] Sep 9 13:40:58 delius last message repeated 1 time Sep 9 13:40:58 delius saslauthd[1260]: [ID 286158 auth.warning] Unable to set LDAP_OPT_X_TLS_CACERTFILE (Unknown error). My Domino LDAP directory have the following parameters related with ports: TCP/IP port number: 389 TCP/IP port status: Enabled Authentication options: Name & password: Yes Anonymous: No SSL port number: 636 SSL port status: Enabled Authentication options: Client certificate: No Name & password: Yes Anonymous: No Can someone help me, please? Thanks in advance. - ANNA -