Zimbra Ldap and TLS

[strikermdd]

Hello, i am facing a problem with the TLS authentication in my Zimbra Server. When i try to make a 'normal' bind in Zimbra ldap, its goes ok. But if i use the tls option, it's give me this error :

Quote:

May 6 11:30:30 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1
May 6 11:32:27 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1
May 6 11:36:56 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1

My ldap.conf :

Quote:

host marechal
base dc=marechal,dc=saude,dc=al,dc=gov,dc=br
binddn uid=zimbra,cn=admins,cn=zimbra
bindpw MYPASSWD
rootbinddn uid=zimbra,cn=admins,cn=zimbra
port 389
bind_policy soft
nss_reconnect_tries 2
uri ldap://marechal/
ssl start_tls
tls_cacertdir /opt/ca
tls_checkpeer no

I copied the files from my Zimbra Server ( /opt/zimbra/conf/ca ) to my other machine ( /opt/ca ) and i put a chmod 777 in the directory.

Someone its the same problem or maybe know how i can fix this.

Thanks

[strikermdd]

sorry the double post, but anyone have some idea how i can fix this problem, i really need this to make my integrations with success specially with Samba, and posts here goes down really fast ...

[LMStone]

More often than not this is caused by a certificate issue.

There is a certificate SSL troubleshooting wiki article that may help.

I would also check bugzilla, and the forums here searching for terms like "secure interprocess communications".

Hope that helps get you started,
Mark

[maxxer]

did you ever solve this?
happening the same here.
thanks

[strikermdd]

no, i'm using without TLS at the moment. If anyone know how i use the tls with success, please, let me know too.

[maxxer]

I did more than one install of Z+AD, most on Debian and Ubuntu 8.04, and never got this warning.
Now the latest install was on 10.04, and even tough I can fetch user data from ldap (users, groups...) I get this annoying message flooding in syslog