Configuring saslauthd for ldap

Olivier Nicole on at
Thu Jul 23 02:08:13 EDT 2009


Thanks for pointing out the typo.

> Your log indicates its a TLS negotioation failure.

This may be missleading as I use SSL, not TLS.

> Does it work if you don't use TLS?

If I configure without SSL:

    ldap_servers: ldap://

If I configure with SSL:

   ldap_servers: ldaps://

> At a guess, one of the problems you may be having on the saslauthd side is 
> that it can't find the CA cert to validate the connection.

In saslauthd I haveL

  ldap_tls_cacert_file: /usr/local/ssl/ca/ait-itserv.crt 

The file exists and is the CA used by all other services like

  tls_cacertfile /usr/local/ssl/ca/ait-itserv.crt



More information about the Cyrus-sasl mailing list