On Wed, 2010-10-06 at 09:49 -0400, Scott Robbins wrote: > On Wed, Oct 06, 2010 at 03:32:03PM +0200, Mathieu Baudier wrote: > > > Did you, on the server, change the new, undocumented, /etc/sysconfig/ldap > > > file's entry for SLAPD_LDAPS and restart the ldap service on the server? > > > > This settings was indeed set to no. > > > > I changed the settings to yes and restarted the service, but it did > > not change anything. > > About the only other thing I can think of is an issue I ran into on > later versions of Fedora. Now, /etc/openldap/ldap.conf needs > TLS_REQCERT allow, but I think that's a Fedora thing. (On the other > hand, we're only using CentOS as a server, not a client.) ---- TLS_REQCERT allow is not a Fedora thing but rather typically necessary when you use a self-signed cert because there is no chain to a recognized CA. Thus any client whether Fedora, Ubuntu or CentOS might very well need that configuration. Craig -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean.