OpenLDAP over SSL (OpenSSL) on Windows
After some trouble I have managed to get an OpenLDAP application running. I have it running on the Windows platform and I plan to implement a Java application which can access and manipulate some variables in the AD.
But this needs to run over SSL. Since I'm running OpenLDAP I thought it would be best to run it with OpenSSL.
On both sides I have an LDAPSoft browser running, which I have found to be the easiest one to manage certificates with.
I have tried to find out how to generate the needed certificates and where to place them to get the LDAP over SSL running. Further, I have found out that it is necessary to insert the following SSL attributes:
into the slapd.conf file of the server to get it running, but still not sure if I'm doing the right thing, since I can't connect to the server over SSL.
I'm hoping some of you guys have some suggestions on how to do this.
Thank you in advance
A little correction to the last post, the server key is placed in:
But it surprises me that no one has responded although a few days have passed since I posted this.
I could add that I have found and followed the manual: Creating self-signed certificate using OpenSSL - dylanbeattie.net/docs/openssl_iis_ssl_howto.html but I can't get it to work. I generated the request file using the Java SDK keytool instead of the IIS way referred to in that manual, and gave the filenames the ending .pem instead of .cer.
Furthermore, I have read in the OpenLDAP documentation that the server CN must contain the server's fully qualified domain name, which in my case is a local domain name and not a www address. Is this possible?
Thanks in advance
I solved my problem by starting the ldap server with the following syntax:
slapd -h "ldap:/// ldaps:///"
Earlier I was starting it with:
slapd -d 1
With netstat I found out that the latter didn't listen on the SSL port 636.
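The netstat check described in the post above, as an added example that is not part of the original thread: it compares the listener URLs passed to `slapd -h` with the `LISTENING` rows of Windows `netstat -an` output. The function names and the sample output are constructed for illustration; the default ports 389 (ldap) and 636 (ldaps) are the standard ones.

```python
from urllib.parse import urlsplit

# Standard default ports for the two URL schemes used with slapd -h.
DEFAULT_PORTS = {"ldap": 389, "ldaps": 636}

def expected_ports(h_arg):
    """Map each ldap/ldaps URL in a slapd -h argument to the TCP port it implies."""
    ports = {}
    for url in h_arg.split():
        parts = urlsplit(url)
        if parts.scheme in DEFAULT_PORTS:
            ports[parts.port or DEFAULT_PORTS[parts.scheme]] = parts.scheme
    return ports

def listening_ports(netstat_text):
    """Local TCP ports in LISTENING state from Windows `netstat -an` output."""
    ports = set()
    for line in netstat_text.splitlines():
        fields = line.split()
        # Columns: Proto, Local Address, Foreign Address, State.
        # Only the local address of a LISTENING row counts; an ESTABLISHED
        # connection to someone else's port 636 says nothing about this server.
        if len(fields) >= 4 and fields[0] == "TCP" and fields[3] == "LISTENING":
            ports.add(int(fields[1].rsplit(":", 1)[1]))
    return ports

def missing_listeners(h_arg, netstat_text):
    """Ports that the -h argument asks for but that nothing is listening on."""
    have = listening_ports(netstat_text)
    return {p: s for p, s in expected_ports(h_arg).items() if p not in have}

# Constructed sample: slapd started without -h, so only the plain LDAP
# listener exists. The last row is an outbound client connection.
SAMPLE_NETSTAT = """
Active Connections

  Proto  Local Address          Foreign Address        State
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING
  TCP    0.0.0.0:389            0.0.0.0:0              LISTENING
  TCP    [::]:389               [::]:0                 LISTENING
  TCP    192.0.2.10:49712       192.0.2.20:636         ESTABLISHED
"""

if __name__ == "__main__":
    for port, scheme in missing_listeners("ldap:/// ldaps:///", SAMPLE_NETSTAT).items():
        print(f"no listener on port {port} ({scheme}:///)")
```
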
July 25th, 2008, 06:03 AM
Originally Posted by gocin
This is Sundar,
For the last two days I have been trying to configure the SSL port in OpenLDAP. I am not able to configure it. I have created a certificate using OpenSSL and I placed that certificate in OpenLDAP. I have changed the slapd config also, and
I tried slapd -h "ldap:/// ldaps:///"
I don't know why I am not able to connect to my OpenLDAP on the SSL port.
Please help me
July 25th, 2008, 06:06 AM
Originally Posted by sundarapandian
If you have any configuration material for OpenSSL and OpenLDAP, please send it to me.
Thanks in advance
July 25th, 2008, 06:38 AM
You can check this doc I wrote (pdf) which details how I generated my own certificates with OpenSSL on Windows.
Originally Posted by gocin
Hope this helps