Re: Connect Solaris ldapclient to a Oracle internet directory
Date: Mon, 14 Jul 2008 03:36:18 -0700 (PDT)
Message-ID: <692948ef-7f4b-413b-9c58-84a8b47d61cd@a1g2000hsb.googlegroups.com>
On 14 Jul., 10:39, denis <Denis.Nick..._at_googlemail.com> wrote:
> On 3 Jul., 19:27, "Neal A. Lucier" <nluc..._at_math.purdue.edu> wrote:
>
>
>
>
>
> > Denis wrote:
> > > Now I would like to use SSL. The Solaris client needs PKCS12 formated
> > > key.db files. My problem is to get this keys in the right format.
>
> > On Solaris 10 if you have the CA certificate that signed your LDAP server's
> > certificate and it is base64 encoded then the following commands will create the
> > certificate database, import the certificate, and list the contents of the
> > database, see
>
> >http://www.mozilla.org/projects/security/pki/nss/tools/certutil.html
>
> > /usr/sfw/bin/certutil -N -d /var/ldap
>
> > # the following command is all one line
> > /usr/sfw/bin/certutil -A -d /var/ldap -n name_of_cert_in_db -t C,, -a -i
> > /path/to/cert/cert.txt
>
> > /usr/sfw/bin/certutil -L -d /var/ldap
>
> > Neal
>
> Sad but true i am still fighting against SSL.
> The problem:
> libsldap: Status: 7 Mesg: Session error no available conn.
> libsldap: Status: 81 Mesg: openConnection: simple bind failed - Can't
> contact LDAP server
>
> I tried ldapsearch and -list
>
> /usr/sfw/bin/certutil -L -d /var/ldap/
> testserver CT,C,c
> prodserver CT,C,c
> CA CT,,
>
> snoop:
> LDAP: *[LDAPMessage]
> LDAP: [Message ID]
> LDAP: Operation *[APPL 4:
> Search ResEntry]
> LDAP: [Object Name]
> LDAP: *[Partial
> Attributes]
> LDAP: *[Attribute]
> LDAP: [Type]
> LDAP:
> supportedco
> LDAP:
> ntrol
> LDAP: *[Vals]
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113730.
> LDAP:
> 3.4.2
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.1
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.2
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.3
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.4
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.5
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.6
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.7
> LDAP:
> [Value]
> LDAP:
> 1.2.840.1
> LDAP:
> 13556.1.4
> LDAP: .
> 473
> LDAP:
> [Value]
> LDAP:
> 1.2.840.1
> LDAP:
> 13556.1.4
> LDAP: .
> 319
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.14
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.16
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.23
> LDAP:
> [Value]
> LDAP:
> 2.16.840.
> LDAP:
> 1.113894.
> LDAP:
> 1.8.29
> LDAP: *[Attribute]
> LDAP: [Type]
> LDAP:
> supportedsa
> LDAP:
> slmechanism
> LDAP:
> s
> LDAP: *[Vals]
> LDAP:
> [Value]
> LDAP:
> DIGEST-MD
> LDAP:
> 5
> LDAP: LDAP:
> *[LDAPMessage]
> LDAP: [Message ID]
> LDAP: Operation *[APPL 5:
> Search ResDone]
> LDAP: [Result Code]
> LDAP: Success
> LDAP: [Matched DN]
> LDAP: [Error Message]
> LDAP:
> TCP: Destination port = 389 (LDAP)
> LDAP: ----- LDAP: -----
> LDAP:
> LDAP: ""
> LDAP:
> TCP: Destination port = 389 (LDAP)
> LDAP: ----- Lightweight Directory Access Protocol Header -----
> LDAP: *[LDAPMessage]
> LDAP: [Message ID]
> LDAP: Operation [APPL 2:
> Unbind Request]
>
> ldapclient
> NS_LDAP_AUTH= tls:simple
>
> I found out that there are some issues arround LDAP and SSL under
> Solaris:
> http://www.mail-archive.com/fedora-directory-us...@redhat.com/msg02100.html- Zitierten Text ausblenden -
>
> - Zitierten Text anzeigen -
different URL same content:
http://osdir.com/ml/redhat.fedora.directory.user/2006-02/msg00189.html
Received on Mon Jul 14 2008 - 05:36:18 CDT