Hi,
I have done it with Wireshark. There is a txt-file.
But I don't know where I must put or declare the certificate?
That is why the LDAP server said: (TLS negotiation failure)
I know: this is the error when the LDAP server does not get the correct
certificate or gets no certificate.
So in my other applications I must declare the right certificate and it
works.
(bad English, I know, sorry)
Thanks!
Potsbew
2007/12/4, Purchases <[EMAIL PROTECTED]>:
>
> Your code looks right. What I have done, and have confirmed works
> by using Wireshark to snoop the connection to the server, is the following, and everything
> behaves as expected. Use Wireshark to help diagnose your problem, as well as
> running the LDAP server in debug mode.
>
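> function TForm1.SetupLdap: TLdapSend;
> begin
>   // Create the object first: "with Result" must not run on an unassigned Result
>   Result := TLDAPsend.Create;
>   with Result do
>   begin
>     TargetHost := LDAP_SERVER;
>     UserName := LDAP_MANAGER;
>     Password := LDAP_MANAGER_PASSWORD;
>     TargetPort := '636';
>     FullSSL := True;  // TLS from the first byte of the connection (LDAPS)
>   end;
> end;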
>
>
> procedure TForm1.GetMissingFields(ldapType: String; var List:
> TSpTBXListBox);
> var
> ldap: TLDAPsend;
> l: TStringList;
> Item : TLdapResult;
> Attributes : TStringList;
> begin
> ldap:= SetupLdap;
> l := TStringList.Create;
> Attributes := TStringList.Create;
> try
> ldap.Login;
> ldap.Bind;
> ...
> etc
>
> potsbew wrote:
>
> Hello,
> I want to use LDAPS over port 636.
> But I don't know how to import the certificate for LDAPS.
>
> Over port 389 it works fine, but with 636 the server has an error with the
> certificate. An LDAP browser works over LDAPS and 636.
>
> Here my code:
>
> ------------------------------------------------------------------------------------------------
> procedure TForm1.Button1Click(Sender: TObject);
> var
>   ldap: TLDAPsend;
>   l: TStringList;
> begin
>   memo1.Clear;
>   ldap := TLDAPsend.Create;
>   l := TStringList.Create;
>   try
>     ldap.TargetHost := '172.16.0.1';
>     ldap.TargetPort := '636';
>     ldap.Version := 3;
>     ldap.FullSSL := true;  // LDAPS: TLS is expected before any LDAP message
>     ldap.UserName := 'cn=administrator,dc=domain,dc=com';
>     ldap.Password := 'password';
>     ldap.Login;  // connect (and TLS handshake when FullSSL is set)
>     ldap.Bind;   // authenticate with UserName / Password
>     l.Add('*');  // request all attributes
>     ldap.Search('ou=basic,o=domain,dc=domain,dc=com', False, '(cn=*)', l);
>     memo1.Lines.Add(LDAPResultdump(ldap.SearchResult));
>     ldap.Logout;
>   finally
>     ldap.Free;
>     l.Free;
>   end;
> end;
>
> ------------------------------------------------------------------------------------------------
> Can someone help me?
> Thank you !!
>
> Potsbew
>
No. Time Source Destination Protocol Info
1 0.000000 172.24.128.11 172.24.56.111 TCP 3634 > ldaps [SYN] Seq=0 Len=0 MSS=1460
Frame 1 (62 bytes on wire, 62 bytes captured)
Ethernet II, Src: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26), Dst: Vmware_9e:1e:05 (00:50:56:9e:1e:05)
Internet Protocol, Src: 172.24.128.11 (172.24.128.11), Dst: 172.24.56.111 (172.24.56.111)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x77b2 (30642)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x726a [correct]
Source: 172.24.128.11 (172.24.128.11)
Destination: 172.24.56.111 (172.24.56.111)
Transmission Control Protocol, Src Port: 3634 (3634), Dst Port: ldaps (636), Seq: 0, Len: 0
Source port: 3634 (3634)
Destination port: ldaps (636)
Sequence number: 0 (relative sequence number)
Header length: 28 bytes
Flags: 0x02 (SYN)
Window size: 64512
Checksum: 0xd9a3 [correct]
Options: (8 bytes)
No. Time Source Destination Protocol Info
2 0.000182 172.24.56.111 172.24.128.11 TCP ldaps > 3634 [SYN, ACK] Seq=0 Ack=1 Win=5840 Len=0 MSS=1460
Frame 2 (64 bytes on wire, 64 bytes captured)
Ethernet II, Src: Vmware_9e:1e:05 (00:50:56:9e:1e:05), Dst: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26)
Internet Protocol, Src: 172.24.56.111 (172.24.56.111), Dst: 172.24.128.11 (172.24.128.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 48
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x2a1d [correct]
Source: 172.24.56.111 (172.24.56.111)
Destination: 172.24.128.11 (172.24.128.11)
Transmission Control Protocol, Src Port: ldaps (636), Dst Port: 3634 (3634), Seq: 0, Ack: 1, Len: 0
Source port: ldaps (636)
Destination port: 3634 (3634)
Sequence number: 0 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 28 bytes
Flags: 0x12 (SYN, ACK)
Window size: 5840
Checksum: 0xff36 [correct]
Options: (8 bytes)
[SEQ/ACK analysis]
No. Time Source Destination Protocol Info
3 0.000201 172.24.128.11 172.24.56.111 TCP 3634 > ldaps [ACK] Seq=1 Ack=1 Win=64512 Len=0
Frame 3 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26), Dst: Vmware_9e:1e:05 (00:50:56:9e:1e:05)
Internet Protocol, Src: 172.24.128.11 (172.24.128.11), Dst: 172.24.56.111 (172.24.56.111)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x77b3 (30643)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x7271 [correct]
Source: 172.24.128.11 (172.24.128.11)
Destination: 172.24.56.111 (172.24.56.111)
Transmission Control Protocol, Src Port: 3634 (3634), Dst Port: ldaps (636), Seq: 1, Ack: 1, Len: 0
Source port: 3634 (3634)
Destination port: ldaps (636)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
Window size: 64512
Checksum: 0x46ca [correct]
[SEQ/ACK analysis]
No. Time Source Destination Protocol Info
4 0.000369 172.24.128.11 172.24.56.111 SSL Continuation Data
Frame 4 (109 bytes on wire, 109 bytes captured)
Ethernet II, Src: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26), Dst: Vmware_9e:1e:05 (00:50:56:9e:1e:05)
Internet Protocol, Src: 172.24.128.11 (172.24.128.11), Dst: 172.24.56.111 (172.24.56.111)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 95
Identification: 0x77b4 (30644)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x7239 [correct]
Source: 172.24.128.11 (172.24.128.11)
Destination: 172.24.56.111 (172.24.56.111)
Transmission Control Protocol, Src Port: 3634 (3634), Dst Port: ldaps (636), Seq: 1, Ack: 1, Len: 55
Source port: 3634 (3634)
Destination port: ldaps (636)
Sequence number: 1 (relative sequence number)
[Next sequence number: 56 (relative sequence number)]
Acknowledgement number: 1 (relative ack number)
Header length: 20 bytes
Flags: 0x18 (PSH, ACK)
Window size: 64512
Checksum: 0x9cc3 [correct]
Secure Socket Layer
No. Time Source Destination Protocol Info
5 0.000499 172.24.56.111 172.24.128.11 TCP ldaps > 3634 [ACK] Seq=1 Ack=56 Win=5840 Len=0
Frame 5 (64 bytes on wire, 64 bytes captured)
Ethernet II, Src: Vmware_9e:1e:05 (00:50:56:9e:1e:05), Dst: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26)
Internet Protocol, Src: 172.24.56.111 (172.24.56.111), Dst: 172.24.128.11 (172.24.128.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x91b5 (37301)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x986f [correct]
Source: 172.24.56.111 (172.24.56.111)
Destination: 172.24.128.11 (172.24.128.11)
Transmission Control Protocol, Src Port: ldaps (636), Dst Port: 3634 (3634), Seq: 1, Ack: 56, Len: 0
Source port: ldaps (636)
Destination port: 3634 (3634)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 56 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
Window size: 5840
Checksum: 0x2bc4 [correct]
[SEQ/ACK analysis]
No. Time Source Destination Protocol Info
6 0.001045 172.24.56.111 172.24.128.11 TCP ldaps > 3634 [FIN, ACK] Seq=1 Ack=56 Win=5840 Len=0
Frame 6 (64 bytes on wire, 64 bytes captured)
Ethernet II, Src: Vmware_9e:1e:05 (00:50:56:9e:1e:05), Dst: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26)
Internet Protocol, Src: 172.24.56.111 (172.24.56.111), Dst: 172.24.128.11 (172.24.128.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x91b6 (37302)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x986e [correct]
Source: 172.24.56.111 (172.24.56.111)
Destination: 172.24.128.11 (172.24.128.11)
Transmission Control Protocol, Src Port: ldaps (636), Dst Port: 3634 (3634), Seq: 1, Ack: 56, Len: 0
Source port: ldaps (636)
Destination port: 3634 (3634)
Sequence number: 1 (relative sequence number)
Acknowledgement number: 56 (relative ack number)
Header length: 20 bytes
Flags: 0x11 (FIN, ACK)
Window size: 5840
Checksum: 0x2bc3 [correct]
No. Time Source Destination Protocol Info
7 0.001067 172.24.128.11 172.24.56.111 TCP 3634 > ldaps [ACK] Seq=56 Ack=2 Win=64512 Len=0
Frame 7 (54 bytes on wire, 54 bytes captured)
Ethernet II, Src: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26), Dst: Vmware_9e:1e:05 (00:50:56:9e:1e:05)
Internet Protocol, Src: 172.24.128.11 (172.24.128.11), Dst: 172.24.56.111 (172.24.56.111)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x77b5 (30645)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 128
Protocol: TCP (0x06)
Header checksum: 0x726f [correct]
Source: 172.24.128.11 (172.24.128.11)
Destination: 172.24.56.111 (172.24.56.111)
Transmission Control Protocol, Src Port: 3634 (3634), Dst Port: ldaps (636), Seq: 56, Ack: 2, Len: 0
Source port: 3634 (3634)
Destination port: ldaps (636)
Sequence number: 56 (relative sequence number)
Acknowledgement number: 2 (relative ack number)
Header length: 20 bytes
Flags: 0x10 (ACK)
Window size: 64512
Checksum: 0x4692 [correct]
[SEQ/ACK analysis]
No. Time Source Destination Protocol Info
8 0.001079 172.24.56.111 172.24.128.11 TCP ldaps > 3634 [RST, ACK] Seq=2 Ack=56 Win=5840 Len=0
Frame 8 (64 bytes on wire, 64 bytes captured)
Ethernet II, Src: Vmware_9e:1e:05 (00:50:56:9e:1e:05), Dst: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26)
Internet Protocol, Src: 172.24.56.111 (172.24.56.111), Dst: 172.24.128.11 (172.24.128.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x91b7 (37303)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x986d [correct]
Source: 172.24.56.111 (172.24.56.111)
Destination: 172.24.128.11 (172.24.128.11)
Transmission Control Protocol, Src Port: ldaps (636), Dst Port: 3634 (3634), Seq: 2, Ack: 56, Len: 0
Source port: ldaps (636)
Destination port: 3634 (3634)
Sequence number: 2 (relative sequence number)
Acknowledgement number: 56 (relative ack number)
Header length: 20 bytes
Flags: 0x14 (RST, ACK)
Window size: 5840
Checksum: 0x2bbf [correct]
[SEQ/ACK analysis]
No. Time Source Destination Protocol Info
9 0.001186 172.24.56.111 172.24.128.11 TCP ldaps > 3634 [RST] Seq=2 Len=0
Frame 9 (64 bytes on wire, 64 bytes captured)
Ethernet II, Src: Vmware_9e:1e:05 (00:50:56:9e:1e:05), Dst: WwPcbaTe_da:0e:26 (00:0f:1f:da:0e:26)
Internet Protocol, Src: 172.24.56.111 (172.24.56.111), Dst: 172.24.128.11 (172.24.128.11)
Version: 4
Header length: 20 bytes
Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
Total Length: 40
Identification: 0x0000 (0)
Flags: 0x04 (Don't Fragment)
Fragment offset: 0
Time to live: 64
Protocol: TCP (0x06)
Header checksum: 0x2a25 [correct]
Source: 172.24.56.111 (172.24.56.111)
Destination: 172.24.128.11 (172.24.128.11)
Transmission Control Protocol, Src Port: ldaps (636), Dst Port: 3634 (3634), Seq: 2, Len: 0
Source port: ldaps (636)
Destination port: 3634 (3634)
Sequence number: 2 (relative sequence number)
Header length: 20 bytes
Flags: 0x04 (RST)
Window size: 0
Checksum: 0xcef8 [correct]
_______________________________________________
synalist-public mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/synalist-public
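
Added example (not part of the original thread and not code from the Synapse project): one way to declare certificate files on the TLDAPSend socket before Login and to report where a TLS failure happens. It assumes a Synapse release that ships the SSL plugin units (ssl_openssl) and the Sock.SSL properties used below, plus OpenSSL libraries on the client; the PEM file names are placeholders, and ConnectLdaps is a hypothetical helper name.

```pascal
program ldaps_cert_demo;
{$IFDEF FPC}{$mode delphi}{$ENDIF}
{$IFDEF MSWINDOWS}{$APPTYPE CONSOLE}{$ENDIF}
uses
  SysUtils, blcksock, ldapsend,
  ssl_openssl;  // links the OpenSSL plugin; with no plugin unit LibName is 'ssl_none'
const
  // Placeholder file names (assumptions, not values from the thread).
  CA_FILE     = 'ldap-ca.pem';      // CA that signed the LDAP server certificate
  CLIENT_CERT = 'client-cert.pem';  // only if the server asks for a client certificate
  CLIENT_KEY  = 'client-key.pem';

// Hypothetical helper: returns a bound TLDAPSend or raises with the failing stage.
function ConnectLdaps(const Host, BindDN, Pwd: string; UseClientCert: Boolean): TLDAPSend;
begin
  Result := TLDAPSend.Create;
  try
    Result.TargetHost := Host;
    Result.TargetPort := '636';
    Result.Version := 3;
    Result.FullSSL := True;
    Result.UserName := BindDN;
    Result.Password := Pwd;
    // Fail early if no TLS implementation was linked into the program.
    if Result.Sock.SSL.LibName = 'ssl_none' then
      raise Exception.Create('No SSL plugin linked: add ssl_openssl to uses');
    // Trust anchor for the server certificate, and ask the plugin to verify it.
    Result.Sock.SSL.CertCAFile := CA_FILE;
    Result.Sock.SSL.VerifyCert := True;
    if UseClientCert then
    begin
      Result.Sock.SSL.CertificateFile := CLIENT_CERT;
      Result.Sock.SSL.PrivateKeyFile := CLIENT_KEY;
    end;
    if not Result.Login then  // TCP connect plus TLS handshake
      raise Exception.CreateFmt('Connect/TLS failed: socket "%s", SSL "%s"',
        [Result.Sock.LastErrorDesc, Result.Sock.SSL.LastErrorDesc]);
    if not Result.Bind then   // LDAP authentication inside the TLS session
      raise Exception.CreateFmt('Bind failed: %d %s',
        [Result.ResultCode, Result.ResultString]);
  except
    Result.Free;
    raise;
  end;
end;

var
  ldap: TLDAPSend;
begin
  ldap := ConnectLdaps('172.16.0.1', 'cn=administrator,dc=domain,dc=com', 'password', False);
  try
    WriteLn('Bound over TLS, cipher: ', ldap.Sock.SSL.GetCipherName);
    ldap.Logout;
  finally
    ldap.Free;
  end;
end.
```

Checking Login and Bind separately shows whether a failure is in the TLS handshake or in the LDAP bind that follows it.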