
LDAP issues on connecting through SSL port 636

 
Poornimabt
Occasional Contributor


For a few applications, LDAP authentication is being migrated from port 389 to port 636 over SSL on UNIX servers.

The SSL CA certificates are imported in cert8.db, but on establishing the connection through the functions below, it throws the error "Can't connect to ldap":

int LDAP_CALL ldapssl_client_init( <provided the path for cert8.db>, NULL);
LDAP * LDAP_CALL ldapssl_init( const char *defhost, int defport, int defsecure );

In cert8.db the CA certs are imported in *.crt format. Please let us know if anything has to be done to enable the authentication, and also confirm the CA cert formats to be imported in cert8.db.

The application is running on HP-UX 11.31. The application works fine when connecting to port 389, and the authentication fails when connecting to port 636.

On running the openssl command, the error below occurred. We suspect the error was due to the certificates imported in cert8.db.

openssl s_client -connect hostname:636  -->  the error "verify error:num=20:unable to get local issuer certificate"

Also,

Ldapsearch command returned --> Can’t connect LDAP server (-1)
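
An offline reproduction of the `verify error:num=20` result quoted in the post, as an added example that is not part of the original post: `openssl` checks a chain against its own trust store or a bundle passed with `-CAfile` and does not read `cert8.db`, so that error on its own says nothing about what was imported into the NSS database. The CA, host name and file names are constructed for the demonstration; `-CAfile` is accepted by `openssl s_client` as well.

```shell
#!/bin/sh
# Added example. Builds a throwaway CA and a server certificate signed by it,
# then verifies the server certificate with and without the CA bundle.
# All subjects and file names below are constructed, not taken from the post.

make_demo_pki() {   # $1 = work dir; writes ca.pem and server.pem there
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo LDAP CA" \
        -keyout "$d/ca.key" -out "$d/ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes \
        -subj "/CN=ldap.example.test" \
        -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null &&
    openssl x509 -req -in "$d/server.csr" -days 1 \
        -CA "$d/ca.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -out "$d/server.pem" 2>/dev/null
}

# $1 = certificate to check, $2 = optional CA bundle (PEM).
# Prints "ok" on success, otherwise the first OpenSSL verify error number.
verify_with() {
    # ${2:+...} adds "-CAfile <bundle>" only when a bundle was given.
    if out=$(openssl verify ${2:+-CAfile "$2"} "$1" 2>&1); then
        echo ok
    else
        printf '%s\n' "$out" |
            sed -n 's/^error \([0-9][0-9]*\) at.*/\1/p' | head -n 1
    fi
}

demo_dir=$(mktemp -d)
make_demo_pki "$demo_dir"
# The issuing CA is not in OpenSSL's default store, so the issuer lookup fails.
echo "default trust store : $(verify_with "$demo_dir/server.pem")"
# Supplying the issuing CA explicitly lets the same certificate verify.
echo "with -CAfile ca.pem : $(verify_with "$demo_dir/server.pem" "$demo_dir/ca.pem")"
rm -rf "$demo_dir"
```
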