[Fedora-directory-users] solaris 10 SSL connections
George Holbert
gholbert at broadcom.com
Thu Feb 16 22:17:07 UTC 2006
>
> how did you verify that SSL is working? Did you sniff it or what?
Yes, using snoop.
I should say I didn't debug it using ldapsearch, so I'm still not sure
what's going on with that in your case. But, since your end goal is
ldap name service over SSL, have you tried that yet on the Solaris 10
client? If nothing else, it might spew some error messages (in
/var/adm/messages) that give some new clues.
Susan wrote:
> --- George Holbert <gholbert at broadcom.com> wrote:
>
>
>> *|# Add your ascii CA certificate to the cert DB.
>> certutil -A -n "Susan's CA" -t "C,," -a -i ./susans-cacert.pem -d /var/ldap
>> # List the contents of your cert DB.
>> |***|certutil -L -d /var/ldap|**
>>
>
> did all that, imported w/o problems:
>
> -bash-3.00# /usr/sfw/bin/certutil -L -d /var/ldap
> CA certificate C,,
>
> ________________________________________________
>
> However, this:
>
> ldapsearch -b "ou=profile,dc=composers,dc=company,dc=com" -h cnyitlin02 -L "cn=*" -Z -p 636 -P
> /var/ldap/
>
> still transmits clear text.
>
>
>
>> Try this first using certutil as included with Solaris 10
>> (/usr/sfw/bin/certutil). I think this will create a cert8 file.
>>
>
>
> It does. Doesn't seem to do any good, however.
>
> how did you verify that SSL is working? Did you sniff it or what?
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam? Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users at redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>
>
More information about the Fedora-directory-users
mailing list