Thread: Zimbra Ldap and TLS

  1. #1
    strikermdd

    Hello, I am facing a problem with TLS authentication on my Zimbra server. When I try to make a 'normal' bind to Zimbra LDAP, it goes OK. But if I use the TLS option, it gives me this error:

    May 6 11:30:30 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1
    May 6 11:32:27 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1
    May 6 11:36:56 ubuntu getent: nss-ldap: do_open: do_start_tls failed:stat=-1

    My ldap.conf:

    host marechal
    base dc=marechal,dc=saude,dc=al,dc=gov,dc=br
    binddn uid=zimbra,cn=admins,cn=zimbra
    bindpw MYPASSWD
    rootbinddn uid=zimbra,cn=admins,cn=zimbra
    port 389
    bind_policy soft
    nss_reconnect_tries 2
    uri ldap://marechal/
    ssl start_tls
    tls_cacertdir /opt/ca
    tls_checkpeer no

    I copied the files from my Zimbra server (/opt/zimbra/conf/ca) to my other machine (/opt/ca) and I ran chmod 777 on the directory.

    Does someone have the same problem, or maybe know how I can fix this?

    Thanks

  2. #2
    strikermdd

    Sorry for the double post, but does anyone have an idea how I can fix this problem? I really need this to make my integrations succeed, especially with Samba, and posts here go down really fast ...

  3. #3
    LMStone

    More often than not this is caused by a certificate issue.

    There is a certificate SSL troubleshooting wiki article that may help.

    I would also check bugzilla, and the forums here searching for terms like "secure interprocess communications".

    Hope that helps get you started,
    Mark

  4. #4
    maxxer

    Did you ever solve this?
    The same is happening here.
    Thanks
    YetOpen S.r.l. ~ Your open source partner
    Lecco (LC) - ITALY
    http://www.yetopen.it

  5. #5
    strikermdd

    No, I'm using it without TLS at the moment. If anyone knows how to use TLS successfully, please let me know too.

  6. #6
    maxxer

    I did more than one install of Z+AD, most on Debian and Ubuntu 8.04, and never got this warning.
    Now the latest install was on 10.04, and even though I can fetch user data from LDAP (users, groups...) I get this annoying message flooding syslog.
    YetOpen S.r.l. ~ Your open source partner
    Lecco (LC) - ITALY
    http://www.yetopen.it
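
An added example, not part of any post in this thread: a Python check of the TLS-related settings in an nss_ldap-style ldap.conf like the one in post #1. The sample config and CA directory are constructed, the function names are hypothetical, and the hash-named file check assumes the client's TLS library is OpenSSL.

```python
import os
import re
import stat
import tempfile

# OpenSSL finds CAs in a CA directory by subject-hash file names such as "9d66eef0.0".
HASHED_NAME = re.compile(r"^[0-9a-f]{8}\.\d+$")


def parse_ldap_conf(text):
    """Parse 'key value' lines of an nss_ldap-style ldap.conf; '#' lines are comments."""
    conf = {}
    for line in text.splitlines():
        parts = line.strip().split(None, 1)
        if not parts or parts[0].startswith("#"):
            continue
        conf[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return conf


def audit_tls(conf):
    """Return findings for the TLS-related settings of the LDAP client config."""
    findings = []
    if conf.get("ssl", "").lower() != "start_tls" and not conf.get("uri", "").startswith("ldaps://"):
        findings.append("no start_tls and no ldaps:// uri: the bind password crosses the network in clear text")
    if conf.get("tls_checkpeer", "").lower() == "no":
        findings.append("tls_checkpeer no: the server certificate is not verified")
    cadir = conf.get("tls_cacertdir")
    if cadir and not os.path.isdir(cadir):
        findings.append(f"tls_cacertdir {cadir} does not exist")
    elif cadir:
        if os.stat(cadir).st_mode & stat.S_IWOTH:
            findings.append(f"{cadir} is world-writable: any local user can add a trusted CA")
        if not any(HASHED_NAME.match(name) for name in os.listdir(cadir)):
            findings.append(f"{cadir} has no <hash>.N entries: OpenSSL will not find the CA there")
    return findings


def demo():
    """Audit a constructed config that mirrors the TLS lines of post #1."""
    with tempfile.TemporaryDirectory() as cadir:
        os.chmod(cadir, 0o777)  # constructed: same mode as described in the thread
        open(os.path.join(cadir, "ca.pem"), "w").close()  # constructed: CA file without a hash-named link
        sample = f"uri ldap://marechal/\nssl start_tls\ntls_cacertdir {cadir}\ntls_checkpeer no\n"
        return audit_tls(parse_ldap_conf(sample))


if __name__ == "__main__":
    for finding in demo():
        print("-", finding)
```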
