這是本文件的舊版!
OpenLDAP
View cn=config
ldapsearch -Y EXTERNAL -H ldapi:/// -b cn=config
OpenLDAP with SSL/TLS
我參考了此篇教學產生certification file與設定,結果一直無法正常連線。於是透過以下command打開debug mode:
/usr/sbin/slapd -d 1 -h "ldap:/// ldapi:/// ldaps:///" -g openldap -u openldap -F /etc/ldap/slapd.d出現以下錯誤訊息:
56f10002 slap_listener_activate(10): 56f10002 >>> slap_listener(ldaps://) 56f10002 connection_get(19): got connid=1001 56f10002 connection_read(19): checking for input on id=1001 TLS: can't accept: Could not negotiate a supported cipher suite.. 56f10002 connection_read(19): TLS accept failure error=-1 id=1001, closing 56f10002 connection_close: conn=1001 sd=19最後試出在Ubuntu 14.04下的slapd,可以參考此篇教學做法,將certification file設定給匯進去。