Hi Dieter,

Thanks for the reply,

This server was only for testing purposes, so, that's why I used a self-signed certificate. I got it working, the issue, as stupid as it is, was that I was editing the wrong ldap.conf file (Mac OSX has one on /etc/openldap and other on /opt/local/etc/openldap, which was the one being used).

Marcelo.

On Thu, May 20, 2010 at 3:09 AM, Dieter Kluenter <die...@dkluenter.de> wrote:

> Marcelo de Moraes Serpa <celose...@gmail.com> writes:
>
> > Hello all,
> >
> > I hope someone could help me -- I'm trying for almost one whole day already
> > and couldn't get LDAP over SSL to work, without success.
> [...]
> > I have generated a self-signed certificate using this command:
> >
> > sudo openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
> [...]
>
> This is not the proper way to create a certificate chain.
> 1. create a certificate authority
> 2. create a server certificate
> 3. sign the server certificate with the CA
> 4. extract the password from server certificate into a key
>
> You may use tinyCA to create the chain
> http://tinyca.sm-zone.net/index.html
>
> -Dieter
>
> --
> Dieter Klünter | Systemberatung
> sip: +49.40.20932173
> http://www.dpunkt.de/buecher/2104.html
> GPG Key ID:8EF7B6C6
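
The four steps listed in the quoted reply, carried out with the openssl command line rather than tinyCA, as an added example that is not part of the original thread. The subject names, host name, file names, validity periods and 2048-bit key size are assumptions chosen for a test setup.

```shell
#!/bin/sh
# Added example: a throwaway CA plus a CA-signed server certificate.
# All names and paths below are constructed placeholders.

build_chain() {
    dir=$1    # output directory
    host=$2   # server host name, placed in CN and subjectAltName
    # 1. Certificate authority: private key and self-signed CA certificate.
    openssl req -x509 -newkey rsa:2048 -nodes -sha256 -days 3650 \
        -subj "/CN=Example Test CA" \
        -keyout "$dir/ca.key" -out "$dir/ca.pem" 2>/dev/null || return 1
    # 2. Server key and certificate signing request. -nodes writes the key
    #    without a passphrase so the server can load it unattended.
    openssl req -newkey rsa:2048 -nodes -sha256 -subj "/CN=$host" \
        -keyout "$dir/server.key" -out "$dir/server.csr" 2>/dev/null || return 1
    # 3. Sign the request with the CA, adding the host name as a SAN.
    printf 'subjectAltName=DNS:%s\n' "$host" > "$dir/san.ext"
    openssl x509 -req -in "$dir/server.csr" -sha256 -days 365 \
        -CA "$dir/ca.pem" -CAkey "$dir/ca.key" -CAcreateserial \
        -extfile "$dir/san.ext" -out "$dir/server.pem" 2>/dev/null || return 1
    # Private keys must not be world-readable.
    chmod 600 "$dir/ca.key" "$dir/server.key"
}

# Succeeds only if server.pem validates against ca.pem as trust anchor.
verify_chain() {
    openssl verify -CAfile "$1/ca.pem" "$1/server.pem" >/dev/null 2>&1
}

# Succeeds only if server.key is the private key for server.pem.
key_matches_cert() {
    [ "$(openssl x509 -in "$1/server.pem" -noout -pubkey)" = \
      "$(openssl pkey -in "$1/server.key" -pubout)" ]
}

work=$(mktemp -d)
build_chain "$work" ldap.example.test && verify_chain "$work" \
    && key_matches_cert "$work" \
    && echo "server.pem chains to ca.pem in $work"
```

The server is configured with `server.pem` and `server.key`, and clients trust `ca.pem`, for example through `TLS_CACERT` in the `ldap.conf` that the client library actually reads.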