LÉVAI Dániel <[EMAIL PROTECTED]> writes:

> On Monday 27 October 2008 16.36.41 Philip Guenther wrote:
>> On Mon, 27 Oct 2008, LÉVAI Dániel wrote:
>> ...
[...]
>>
>> There are two ways to use LDAP with TLS/SSL:
>> 1) start the connection in cleartext and then use the StartTLS
>>    extended-op to initiate a TLS layer, or
>> 2) negotiate a TLS/SSL layer immediately after connecting.
>>
> Alright, understood! Thanks!
>
>> The former is requested using the "ldap://" schema with the -Z option
>> and is normally run on port 389. The latter is requested using the
>> "ldaps://" schema and is normally run on port 636. These are
>> distinct protocols: the client and server have to be talking the same
>> one or it just won't work.
>> [...]
> With both ldapsearch(1) commands, I've been asked for my password, and I
> typed something bogus intentionally, in the hope of getting the invalid
> credentials message, but unfortunately, I didn't get it.

This sounds as if you have not removed the private part from the key, see
man rsa(1), pkcs8(1). How did you create the certificates?

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
sip: +49.180.1555.7770535
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E
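Added example, not part of the original message: the quoted explanation of StartTLS on "ldap://" versus immediate TLS on "ldaps://" comes down to what the client sends first, so this sketch builds the StartTLS extended request in BER and checks it against each kind of listener. The function names and the sample ClientHello prefix are constructed for illustration.

```python
# Why "ldap:// -Z" and "ldaps://" cannot be mixed: the first bytes differ.
STARTTLS_OID = b"1.3.6.1.4.1.1466.20037"  # StartTLS extended-op OID (RFC 4511)

# Constructed sample: start of a TLS record (handshake type 22, version 3.1).
SAMPLE_CLIENT_HELLO = b"\x16\x03\x01\x00\xc8\x01"


def ber(tag: int, content: bytes) -> bytes:
    """Encode one BER TLV using the short length form (content < 128 bytes)."""
    if len(content) >= 0x80:
        raise ValueError("short-form length only in this sketch")
    return bytes([tag, len(content)]) + content


def starttls_request(message_id: int = 1) -> bytes:
    """LDAPMessage { messageID, ExtendedRequest { requestName = StartTLS } }."""
    if not 0 < message_id < 0x80:
        raise ValueError("single-byte message IDs only in this sketch")
    request_name = ber(0x80, STARTTLS_OID)       # [0] requestName
    extended_req = ber(0x77, request_name)       # [APPLICATION 23] ExtendedRequest
    msg_id = ber(0x02, bytes([message_id]))      # INTEGER messageID
    return ber(0x30, msg_id + extended_req)      # outer SEQUENCE, still cleartext


def classify_first_bytes(data: bytes) -> str:
    """Identify what a client is speaking from the first bytes it sends."""
    if len(data) >= 3 and data[0] == 0x16 and data[1] == 0x03:
        return "tls-handshake"                   # ldaps:// style, TLS from byte 0
    if data[:1] == b"\x30":                      # BER SEQUENCE = LDAPMessage
        if STARTTLS_OID in data:
            return "ldap-starttls-request"       # ldap:// with -Z
        return "ldap-cleartext"
    return "unknown"


def compatible(listener: str, first_bytes: bytes) -> bool:
    """True if a listener of this kind can parse the client's opening bytes."""
    kind = classify_first_bytes(first_bytes)
    if listener == "ldaps":                      # normally port 636
        return kind == "tls-handshake"
    if listener == "ldap":                       # normally port 389
        return kind.startswith("ldap-")
    raise ValueError("listener must be 'ldap' or 'ldaps'")


if __name__ == "__main__":
    req = starttls_request()
    print(req.hex(), classify_first_bytes(req))
    print("StartTLS request to ldaps listener ok?", compatible("ldaps", req))
```
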