[nssldap] Issues with TLS

[Date Prev][Date Next] [Thread Prev][Thread Next]

From: Jay Chandler <chandler.lists [at] chapman.edu>
To: nssldap [at] padl.com
Subject: [nssldap] Issues with TLS
Date: Wed, 25 Jul 2007 16:36:44 -0700

I've enabled TLS on the server, and I can create a session correctly.

I can cd ~USERNAME to an LDAP user's home directory; however, when I tryto su to that user, the system hangs.


/var/log/messages shows the following:

Jul 25 16:07:04 wurfel cron[82494]: nss_ldap: could not search LDAPserver - Server is unavailableJul 25 16:12:05 wurfel cron[82508]: nss_ldap: could not search LDAPserver - Server is unavailableJul 25 16:13:05 wurfel cron[82510]: nss_ldap: could not search LDAPserver - Server is unavailableJul 25 16:17:04 wurfel cron[82533]: nss_ldap: could not search LDAPserver - Server is unavailable


/usr/local/etc/nss_ldap.conf contains the following:

host $ourldapserver
base dc=chapman,dc=edu
ldap_version 3
binddn uid=(This is correct)
bindpw **************
ssl start_tls
TLS_CACERT /usr/local/etc/openldap/cacert.pem
pam_password crypt
logdir /var/log

When I remove the ssl start_TLS and the tls_cacert line, things workcorrectly. Anyone have any guidance?


Regards,
Jay Chandler

[nssldap] Issues with TLS, Jay Chandler

Prev by Date: Re: [nssldap] release 0.2 of nss-ldapd
Next by Date: [nssldap] Daemon use of Kerberos with credentials renewal
Previous by thread: Re: [nssldap] release 0.2 of nss-ldapd
Next by thread: [nssldap] Daemon use of Kerberos with credentials renewal