1 Nov
2008
1 Nov
'08
8:26 p.m.
Hi Steve,
On Sat, Nov 1, 2008 at 09:30, Steve Thompson smt@vgersoft.com wrote:
# grep ^updateref /etc/openldap/slapd.conf
updateref ldaps://ldap1.cbe.cornell.edu
If you are using "ssl start_tsl" you have to use ldap:// and not ldaps:// in your referrals, otherwise LDAP client will try to open a TLS session inside the connection which is already a SSL session. If you change that in your configuration file, it should work fine.
Alternatively you could use ldaps:// on the clients instead, by using "ssl on" or "uri ldaps://..." instead of "host ...".
HTH, Filipe