SASLAUTHD + SSL + LDAP problem
Igor Brezac
igor at ipass.net
Thu Sep 19 17:27:28 EDT 2002
On Thu, 19 Sep 2002, Felix Cuello wrote:
> Hello!
>
> I installed Cyrus 2.1.8 with SASL 2.1.7 on my Linux Redhat 7.3, and I have some
> trouble using SSL + SASLAUTHD + openLDAP.
>
> I can search LDAP (using LDAPS) from netscape using
>
> ldaps://ldaps.mycomputer/dc=domain,dc=edu??sub?(uid=*felix*)
>
> But when I try to log in users using SASLAUTHD, I find that SASLauthd connects to the LDAP server but SSLv2 doesn't say HELLO. And the communication is broken at this point.
>
> Here is my saslauthd.conf:
>
> ldap_servers: ldaps://upsoluciones.palermo.edu/
> ldap_bind_dn: uid=cyrus,ou=people,dc=palermo,dc=edu
> ldap_bind_pw: xxxxxxxx
> ldap_search_base: ou=people,dc=palermo,dc=edu
> ldap_tls_check_peer: yes
> ldap_tls_cacert_file: palermoca.pem
> ldap_tls_cacert_dir: /usr/share/ssl/certs/
>
I have not tried this myself, but my guess is that check peer is
failing. Try to specify

    ldap_tls_cacert_file: /usr/share/ssl/certs/palermoca.pem

and restart saslauthd.

Can you provide slapd connection logs? saslauthd will also give you
errors in the syslog.
--
Igor
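
An offline check for the condition guessed at in the reply above, as an added example that is not part of the original message or of Cyrus SASL: it parses saslauthd.conf-style text and flags CA path options that are not absolute or do not exist. The function names, the accepted truthy values for ldap_tls_check_peer, and the sample text (constructed from the configuration quoted in the thread) are assumptions.

```python
import os
import posixpath

# Constructed sample, copied from the configuration quoted in the thread.
SAMPLE_CONF = """\
ldap_servers: ldaps://upsoluciones.palermo.edu/
ldap_bind_dn: uid=cyrus,ou=people,dc=palermo,dc=edu
ldap_bind_pw: xxxxxxxx
ldap_search_base: ou=people,dc=palermo,dc=edu
ldap_tls_check_peer: yes
ldap_tls_cacert_file: palermoca.pem
ldap_tls_cacert_dir: /usr/share/ssl/certs/
"""

PATH_KEYS = ("ldap_tls_cacert_file", "ldap_tls_cacert_dir")
TRUTHY = ("yes", "on", "1", "true")  # assumed spellings of an enabled option


def parse_conf(text):
    """Parse 'key: value' lines, skipping blanks and '#' comments."""
    conf = {}
    for line in text.splitlines():
        line = line.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue
        key, value = line.split(":", 1)  # split once: values contain ':'
        conf[key.strip()] = value.strip()
    return conf


def check_tls_paths(conf, exists=os.path.exists):
    """Return (key, problem) findings for the CA file/dir options."""
    findings = []
    for key in PATH_KEYS:
        value = conf.get(key)
        if value is None:
            continue
        if not posixpath.isabs(value):
            # A relative path is opened relative to the daemon's working directory.
            findings.append((key, "relative path"))
        elif not exists(value):
            findings.append((key, "path does not exist"))
    peer_check = conf.get("ldap_tls_check_peer", "no").lower() in TRUTHY
    if peer_check and not any(k in conf for k in PATH_KEYS):
        findings.append(("ldap_tls_check_peer", "enabled without a CA file or dir"))
    return findings


if __name__ == "__main__":
    for key, problem in check_tls_paths(parse_conf(SAMPLE_CONF)):
        print(f"{key}: {problem}")
```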