On Thu, 19 Sep 2002, Felix Cuello wrote:
> Hello!
>
> I installed Cyrus 2.1.8 with SASL 2.1.7 on my Linux Redhat 7.3, and I have some
> trouble using SSL + SASLAUTHD + openLDAP.
>
> I can search LDAP (using LDAPS) from netscape using
>
> ldaps://ldaps.mycomputer/dc=domain,dc=edu??sub?(uid=*felix*)
>
> But, when I try to log in users using SASLAUTHD, I found that SASLauthd connects to
> LDAPserver but SSLv2 doesn't say HELLO. And the communication is broken at this
> point.
>
> Here is my saslauthd.conf:
>
> ldap_servers: ldaps://upsoluciones.palermo.edu/
> ldap_bind_dn: uid=cyrus,ou=people,dc=palermo,dc=edu
> ldap_bind_pw: xxxxxxxx
> ldap_search_base: ou=people,dc=palermo,dc=edu
> ldap_tls_check_peer: yes
> ldap_tls_cacert_file: palermoca.pem
> ldap_tls_cacert_dir: /usr/share/ssl/certs/
>

I have not tried this myself, but my guess is that check peer is failing.
Try to specify

ldap_tls_cacert_file: /usr/share/ssl/certs/palermoca.pem

and restart saslauthd.

Can you provide slapd connection logs? saslauthd will also give you errors in
the syslog.

--
Igor
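
Added example, not part of either message: a small Python check for the condition Igor suspects, a CA file named without a directory while ldap_tls_check_peer is on. The function names and finding strings are made up here, and how saslauthd resolves a relative file name is an assumption.

```python
import os

# Settings as quoted in the post (bind DN and password lines left out).
POSTED_CONF = """\
ldap_servers: ldaps://upsoluciones.palermo.edu/
ldap_search_base: ou=people,dc=palermo,dc=edu
ldap_tls_check_peer: yes
ldap_tls_cacert_file: palermoca.pem
ldap_tls_cacert_dir: /usr/share/ssl/certs/
"""

# Path-valued TLS options and the kind of filesystem object each must name.
PATH_CHECKS = {"ldap_tls_cacert_file": os.path.isfile,
               "ldap_tls_cacert_dir": os.path.isdir}

def parse_conf(text):
    """Parse 'key: value' lines, skipping blanks and '#' comments."""
    opts = {}
    for line in text.splitlines():
        line = line.strip()
        if line and not line.startswith("#") and ":" in line:
            key, value = line.split(":", 1)
            opts[key.strip()] = value.strip()
    return opts

def lint_tls(opts, checks=PATH_CHECKS):
    """Return (option, problem) pairs for the CA settings in opts."""
    findings = []
    for key, present in checks.items():
        path = opts.get(key)
        if path is None:
            continue
        if not os.path.isabs(path):
            # Assumption: a relative name is resolved against the daemon's
            # working directory, not against ldap_tls_cacert_dir.
            findings.append((key, "relative path"))
        elif not present(path):
            findings.append((key, "not found"))
    uses_ldaps = "ldaps://" in opts.get("ldap_servers", "")
    # Assumption: only the literal value "yes" (as in the post) enables the check.
    verifies = opts.get("ldap_tls_check_peer", "").lower() == "yes"
    has_ca = any(k in opts for k in checks)
    if uses_ldaps and not verifies:
        findings.append(("ldap_tls_check_peer", "server certificate not verified"))
    if verifies and not has_ca:
        findings.append(("ldap_tls_check_peer", "no CA configured"))
    return findings

if __name__ == "__main__":
    for option, problem in lint_tls(parse_conf(POSTED_CONF)):
        print(f"{option}: {problem}")
```

Run it on the host where saslauthd runs, so the existence checks see the same filesystem as the daemon.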