On Mon, May 22, 2006 at 11:21:53AM +1000, Alexander Samad wrote: > On Sun, May 21, 2006 at 05:29:49PM -0700, Steve Langasek wrote:
> I tried setting ssl=on in the /etc/ldap/ldap.conf file ( I downloaded > the source and had a look at ldap.c) but that made no difference, but I > did notice there was a section that was #ifdef out for ssl - it had > another type of bind function call. > When I changed the ssl=on the debug info was the same except that ssl > (yes) was printed out instead of ssl (no) Ok. > I have set it up so that client authentication is not need for ldaps. However, I believe that by default libldap requires access to a trusted copy of the *server* certificate in order to establish an ldaps connection. Is it possible that pam_ldap and nss_ldap have access to *this* certificate, while sudo-ldap does not? -- Steve Langasek Give me a lever long enough and a Free OS Debian Developer to set it on, and I can move the world. [EMAIL PROTECTED] http://www.debian.org/
signature.asc
Description: Digital signature
