thr3ads.net - Fedora directory users - Re: [Fedora-directory-users] Nothing happens on Win Sync ? [Mar 2009]

If this information is useful, please help other people find it:
Share via:

Emmanuel BILLOT

2009-Mar-19 13:41 UTC

Re: [Fedora-directory-users] Nothing happens on Win Sync ?

Emmanuel BILLOT a écrit :> Many tests give the followibng result
>
> [root@ldapnew slapd-ldapnew]# /usr/lib/mozldap/ldapsearch -h 
> porlsvrdc0003.ird.fr -p 636 -D "cn=toutou,cn=Users,dc=ird,dc=fr"
-w -
> -Z -P /etc/dirsrv/slapd-ldapnew/cert8.db -s base -b ""
"objectclass=*"
> Enter bind password:
> ldap_simple_bind: Can''t contact LDAP server
>        SSL error -8183 (security library: improperly formatted 
> DER-encoded message.)
>
> However, cert seems to be ok:
> - ldaps:636 works on ldap.exe client (Windows)
> - ldaps:636 works on  ldapsearch -x -H ldaps://porlsvrdc0003.ird.fr -D 
> "cn=toutou,cn=Users,dc=ird,dc=fr" -W -b "dc=ird,dc=fr"
with the
> "classic" ldapsearch client
>
> How can i debug it ?
>
> BR,
>Ok i found what was wrong : the request.inf from which the req cert is 
generated contained an unknow item value

[Extensions]
2.5.29.17=xxxxxxxx




The inf file without the extensions section generate a good req file and 
then a valid cert.

BR,

-- 
=========================================Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d''Information (DSI)
tél : 02 38 49 95 88
==========================================

Fedora directory users - Mar 2009 - Re: Nothing happens on Win Sync ?

Re: [Fedora-directory-users] Nothing happens on Win Sync ?