[Pdns-users] TLS issues with LDAP backend on FreeBSD
Norbert Sendetzky
norbert at linuxnetworks.de
Thu Jun 26 21:08:38 UTC 2008
On Thursday 26 June 2008 06:26:08 srinisan at fmailbox.com wrote:
> When TLS is turned on, I can run the regular LDAP client apps
> (ldapsearch, ldapadd, etc.) using the -Z option which forces TLS.
> Also, not using -Z gives me the "Confidentiality Required" error on
> those LDAP clients. So, I know that everything is good with slapd and
> ldap.conf wrt TLS.
Please try "ldapsearch -ZZ ..." as "-Z" only tries to connect using TLS but
falls back to normal connections if TLS fails.

It would also be interesting to see your LDAP-related pdns.conf settings.
> However, on slapd's logs, I don't see anything about powerdns trying
> to start TLS. I do see a connection rejection by slapd because the
> connection didn't use TLS.
Does "netstat -lp" show open connections from your box to the LDAP server?
Norbert
--
OpenPGP public key
http://www.linuxnetworks.de/norbert.pubkey.asc