> Hi - We're using SSSD with LDAPS and TLS on redhat, and it's working > fine. I just tried to make it work for unbuntu, but I can't get TLS to > work. I get the following errors: > > (Mon Jan 30 14:36:09 2012) [sssd[be[PSFC]]] > [sss_ldap_init_sys_connect_done] (1): ldap_install_tls failed: Connect > error (Mon Jan 30 14:36:09 2012) [sssd[be[PSFC]]] [sdap_sys_connect_done] > (1): sdap_async_connect_call request failed. > > if I disable TLS, it works ok. I verified that the certificates are > valid using the openssl verify command. Any other suggestions? I > would be willing to build the latest version of SSSD for Ubuntu, to see > if that would help. Unfortunately, I can't find the correct parameters > for the ./configure command, to build it on Ubuntu. Can anyone point me > to that? Thanks. - Mark
Hello, first I would try setting ldap_tls_reqcert = never to find out if this has anything to do with the certificate. Also trying to connect to the server using ldapsearch with the config you used for SSSD might be a good idea to find out if there is some problem with SSL/TLS connection. IIRC Ubuntu uses different crypto backend for openldap than Fedora, so that might cause the issue. That's all I can tell you right now, I'm not an expert on SSSD in Ubuntu but I'm CCing Timo Aaltonen, perhaps he can help more. Jan
signature.asc
Description: This is a digitally signed message part.
_______________________________________________ sssd-devel mailing list [email protected] https://fedorahosted.org/mailman/listinfo/sssd-devel
