From: Bjorn O. G. <bg...@sa...> - 2005-07-08 11:53:44
|
Pierre Naude: > Hi, > > I'm trying to connect to a server using simple authentication over ssl, > but I'm getting the following error message: > > 15:28:12 LDAP bind operation not successful. Reason: > {'info': 'error:14090086:SSL > routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed', 'desc': > "Can't contact LDAP server"} > > I suspect I need to import the the server's ssl certificate, but can't > figure out how. (I had to do this with older Windows versions of jxplorer). > > I know this is a Luma config issue because the same setup works > perfectly under Jxplorer version 3.1. > > I'm using Luma version 2.1.2 installed from a Mandrake rpm. First of all, 2.1.3 is currently the latest version. I recommend you try the latest version first. We have a known problem with SSL vs TLS, which will be fixed in the upcoming release, together with a set of new features. Luma uses python-ldap which is a wrapper around openldap libs. Given this, you can configure Luma to behave more or less the same as ldapsearch and other commandline clients from OpenLDAP using ldap.conf or ~/.ldaprc putting this line into your .ldaprc, could possibly help. TLS_REQCERT never Is the cn in the certificate the same as the hostname you're trying to connect by? -- Regards Bjorn Ove |