> On Feb 4, 2015, at 8:48 AM, Jan Holzhueter <[email protected]> wrote: > > Hi, > > Am 04.02.15 um 15:29 schrieb Tom Lynch: >>>> >>>> Unfortunately, I am still having problems with this. Here is what my >>>> error_log says: >>>> >>>> [Mon Feb 02 17:01:51 2015] [info] APR LDAP: Built with OpenLDAP LDAP SDK >>>> [Mon Feb 02 17:01:51 2015] [info] LDAP: SSL support unavailable: LDAP: >>>> SSL/TLS ldapssl_client_init() function not supported by this >>>> Netscape/Mozilla/Solaris SDK. Certificate authority file not set >>>> >>>> What exactly is this telling me - that SSL support is unavailable even >>>> though the previous line show that the APR is built with openLDAP SDK? Or >>>> is it not supported because there is a problem with my trusted certificate >>>> file? > > you need to provide a PEM for your LDAP Server I guess. > > of your CA that is > > Put this: > > > TLS_CACERT /var/ldap/cacert.pem > > in > /etc/opt/csw/openldap/ldap.conf > > hope this helps. Jan,
This didn’t appear to help. Do you mean I need to put this in the ldap.conf file on my ldap server? I searched the source code for "LDAP: SSL support unavailable…” that I get in my log file. That error appears to be in apr-util apr_ldap_option.c in a section that deals with the Netscape/Mozilla/Solaris SDK. But how does it get to that section when APR LDAP was built with OpenLDAP LDAP SDK? Maybe this is a question for another list… Thanks for your help. Tom
smime.p7s
Description: S/MIME cryptographic signature
