[Pdns-users] PowerDNS + TLS, How should Slapd be setup?
norbert at linuxnetworks.de
Tue Feb 17 22:57:58 UTC 2009
> I've been at this too long. Turned off ldap-starttls, and it hooked up to
> the ldaps://URI just fine. Hah!
ldap-starttls is only allowed if ldap-host is a ldap:// URI or a host name /
IP address. It's not allowed for ldaps:// URIs as SSL and TLS does exclude
> But, the Assertion failure still happens when you have ldap-starttls=yes
> and ldap-host is in the form of ldap://ldap.mydomain.com/, which
> corresponds with the documentation on the ldap-backend website, so I think
> that sounds like a bug?
> Of course, my slapd is still running in ldaps-only mode, so maybe the
> daemon isn't dealing with a return value properly?
If you LDAP server only listens to port 636 (ldaps://), you won't be able to
connect via ldap:// and/or TLS as ldap:// schemas will tell the LDAP library
to connect to port 389.
OpenPGP public key
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 197 bytes
Desc: This is a digitally signed message part.
More information about the Pdns-users