Configuring saslauthd for ldap
Olivier Nicole
on at cs.ait.ac.th
Thu Jul 23 02:08:13 EDT 2009
Hi,
Thanks for pointing out the typo.
> Your log indicates it's a TLS negotiation failure.
This may be misleading as I use SSL, not TLS.
> Does it work if you don't use TLS?
If I configure without SSL:
ldap_servers: ldap://ldap.cs.ait.ac.th/
If I configure with SSL:
ldap_servers: ldaps://ldap.cs.ait.ac.th/
> At a guess, one of the problems you may be having on the saslauthd side is
> that it can't find the CA cert to validate the connection.
In saslauthd I have:
ldap_tls_cacert_file: /usr/local/ssl/ca/ait-itserv.crt
The file exists and is the CA used by all other services like
pam_ldap:
tls_cacertfile /usr/local/ssl/ca/ait-itserv.crt
Thanks,
Olivier