similar to: LDAP clients fail to connect with SSL enabled

Hey list, I was having a similar SSL/openLDAP problem to this last week. I had a chance to look at this again today and it still appears to not be working. I called godaddy and had the last cert cancelled and reissued as I had mis-typed the name of the CN on the last one. I am trying to setup a Godaddy turbo SSL certificate with an openLDAP 2.4 server under FreeBSD 8.1. The clients are mainly

Hello list, I am running an openldap 2.4 server under FreeBSD that was working well until the config was tweaked by someone on the team without properly documenting their work # /usr/local/etc/ldap.con on ldap server (FreeBSD 8.1) host LBSD.summitnjhome.com base dc=summitnjhome,dc=com sudoers_base ou=sudoers,ou=Services,dc=summitnjhome,dc=com binddn

hi list.. I am trying to add an ldif with my users that I have derived from /etc/passwd. for some reason ldapadd is choking on the first entry... I've also tried removing the first one and predictably each one fails in exactly the same way...may I ask how best to correct this? Here is the error: LDAP# ldapadd -x -D "cn=Manager,dc=summitnjhome,dc=com" -W -f /tmp/passwd.ldif adding

Hello, I am attempting to grep the contents of a key file I have SCP'd to a remote server. I am able to cat it: [code] [bluethundr at LBSD2:~]$:ssh root at sum1 cat /root/id_rsa.pub root at lcent01.summitnjhome.com's password: ssh-rsa

hello list!! the reason I'm writing you guys today is that I'm looking to solve an issue I am having with apache on a centos 5.5 box. The situation is this.. I am sharing the webroot for a few sites in a test environment on an NFS share. This is the share: nas2:/mnt/store/web 1.4T 225G 1021G 19% /var/www Everything that is shared from this location on a server called simply web1

Hello CentOS I am having a bit of trouble importing an ldif into openldap, tho the syntax looks a-ok to me. I am attempting to import my sudoers list into my ldap configuration and I used an application called sudoers2ldif to generate the ldif. I used the following command to import the file: ============================================= [root at bluethundr-desktop:~/txt/ldif ] $:ldapadd -h

hello list I have a network mounted home directory shared between all hosts on my network: [bluethundr at LCENT03:~]#df -h Filesystem Size Used Avail Use% Mounted on /dev/mapper/VolGroup00-LogVol00 140G 4.4G 128G 4% / /dev/sda1 99M 35M 60M 37% /boot tmpfs 1.6G 0 1.6G 0% /dev/shm nas.summitnjhome.com:/mnt/nas

Hi, I have been doing some tests using hping2 and TCP SYN pings targeting local and remote hosts from two FreeBSD 4.7-RELEASE-p10 and one Linux 2.4.18 host. The three machines have the same hardware configuration and have been running for 6 months now. The average load isnt too high (usually 0.01 to 0.15) on the FreeBSD machines. Here is the output from hping2 (excuse me the line wrap),

hello list! I am attempting to setup haproxy using a shared up I am trying to setup using the heartbeat package that I currently have installed: [root at VIRTCENT01:~]#rpm -qa | grep heartbeat | grep -v -e stonith -e pils heartbeat-2.1.4-11.el5 heartbeat-2.1.4-11.el5 I have /etc/ha/.d authkeys setup this way: # auth 2 #1 crc 2 sha1 {SHA}secret I have /etc/ha.d/resources setup like this:

hey list! having a slightly odd time issue on one host... can I get some help with this? This is the current time from a working system: Sun Apr 17 00:28:18 EDT 2011 However from the problem system this is the time: Sat Apr 16 20:30:01 EDT 2011 I have set the time zone as such: lrwxrwxrwx 1 root root 23 Apr 16 19:41 /etc/localtime -> /usr/share/zoneinfo/EST But when I run ntpdate

hello list, I am attempting to load balance SSL web servers using haproxy on centos 5.7. I am using HA-Proxy version 1.4.18 Here is the stanza in the config regarding SSL: listen https 192.168.1.200:443 mode tcp balance roundrobin option forwardfor except 192.168.1.200 option redispatch maxconn 10000 reqadd X-Forwarded-Proto:\ https

hello again list!! I am attempting to work out how to serve files with puppet. Here is my fileserver.conf file # This file consists of arbitrarily named sections/modules # defining where files are served from and to whom # Define a section ''files'' # Adapt the allow/deny settings to your needs. Order # for allow/deny does not matter, allow always takes precedence # over

We are seeing a few (0-15) proxy failures like the following out of ~3m successful proxied connections a day. Average session creation load over our peak hour is about 47/sec. The backend servers aren't logging anything that would suggest any internal problem like insufficient processes to handle the load. It doesn't seem to happen when utilization is lowest at night. dovecot:

Hello list I am attempting to manage my key logins with ssh-agent. However EVERY time I try to ssh I have to go through the same exact routing and it's getting a little old... [bluethundr at LCENT01:~]#ssh sum3 Enter passphrase for key '/home/bluethundr/.ssh/id_rsa': [bluethundr at LCENT01:~]#exec ssh-agent bash [bluethundr at LCENT01:~]#ssh-add Enter passphrase for

I'm attempting to upgrade my Dovecot installation to 2.3.2.1. My SSL certificate authority provides a bundle containing their CA, plus intermediate CAs, which I configure using the 'ssl_ca' option. The comments in the configuration file say to only set this when you're requiring client certificates, which I'm not, but fetchmail complains with a "Server certificate

I noticed that when I migrated my users with the migrate_passwd.pl tool from PADL it didn't migrate the actual passwords (just the rest of the posixAccount info). I think I need to set the EXTENDED_SCHEMA variable and then try running the tool again. does anyone know what this should be? I actually thought there might be a migrate_shadow.pl tool that could accomplish this, but there

We have really enjoyed our first couple of weeks using samba2.2.2 as our PDC but the past couple of days have been a nightmare the server out of nowhere stopped letting people log in. We recieved an error message that said "Device is not installed on this network." Now we were able to get rid of the problem and at first were not sure how but, a couple of days later it happened again but

Has anyone gotten dovecot to work on Red Hat Linux 9 with ssl support? It seems to work just fine on Red Hat Linux 8.0, but doesn't seem to work Red Hat Linux 9. When I try to use openssl to connect to the server i get: [elliot at localhost elliot]$ openssl s_client -connect rktest.physics.ncsu.edu:993 CONNECTED(00000003) depth=0 /OU=IMAP server/CN=imap.example.com/emailAddress=postmaster at

checking IMAP connection. Based on that experimentation, it seems that when I try to verify certificate files with openssl, all checks out, but when I try to check thing through IMAPS, things go ugly (see log below). If I try same openssl s_client command on my web server, it gets everything correctly. As result from this one, I've even tried to use certificate from my web server with IMAP

checking IMAP connection. Based on that experimentation, it seems that when I try to verify certificate files with openssl, all checks out, but when I try to check thing through IMAPS, things go ugly (see log below). If I try same openssl s_client command on my web server, it gets everything correctly. As result from this one, I've even tried to use certificate from my web server with IMAP