Improve company productivity with a Business Account.Sign Up

x
?
Solved

Solaris Ruby -> MS ActiveDirectory/LDAP using a certificate? (and testing with ldapsearch)

Posted on 2008-06-23
1
Medium Priority
?
1,208 Views
Last Modified: 2013-12-27
I am trying to make an LDAP connection from Ruby in Solaris (currently using Net::LDAP), over SSL, with a provided certificate file.

There are enough unknowns that I'm not clear where my problem is.  I've also been trying to test using OpenLDAP's ldapsearch tool.

My client provided a file, "certnew.cer".  I have Ruby built, Net::LDAP installed, OpenSSL installed, and OpenLDAP (for client tools).

Here's my ldapsearch test attempt with result:

$ ldapsearch -b 'dc=subd,dc=client,dc=com' -h adapps.subd.client.com -p 636 -Z -N certnew.cer -W SomePassword -v '(objectclass=*)'
ldapsearch: started Mon Jun 23 21:13:35 2008

ldap_init( adapps.subd.client.com, 636 )
SSL initialization failed: error -8174 (security library: bad database.)
~~~

I assume it makes more sense to get ldapsearch working before attempting this in Ruby (as my Ruby efforts fail as well, but leave more room for error on my part).

Thanks
0
Comment
Question by:michaelteter
1 Comment
 
LVL 27

Accepted Solution

by:
Nopius earned 750 total points
ID: 21852292
http://docs.sun.com/source/816-6698-10/ssl.html#18560

> Configuring Server Authentication in Clients

> When a client establishes an SSL connection with a server, it must trust the certificate presented by the server. In order to do so, the client must:

>    * Have a certificate database.

It seems you have no certificate database on a client... Read the article above on how to configure your certificate database.
0

Featured Post

What Kind of Coding Program is Right for You?

There are many ways to learn to code these days. From coding bootcamps like Flatiron School to online courses to totally free beginner resources. The best way to learn to code depends on many factors, but the most important one is you. See what course is best for you.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Originally, this post was published on Monitis Blog, you can check it here . It goes without saying that technology has transformed society and the very nature of how we live, work, and communicate in ways that would’ve been incomprehensible 5 ye…
If you’re involved with your company’s wide area network (WAN), you’ve probably heard about SD-WANs. They’re the “boy wonder” of networking, ostensibly allowing companies to replace expensive MPLS lines with low-cost Internet access. But, are they …
In this video we outline the Physical Segments view of NetCrunch network monitor. By following this brief how-to video, you will be able to learn how NetCrunch visualizes your network, how granular is the information collected, as well as where to f…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…

605 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question