Solved

Solaris Ruby -> MS ActiveDirectory/LDAP using a certificate? (and testing with ldapsearch)

Posted on 2008-06-23
1
1,174 Views
Last Modified: 2013-12-27
I am trying to make an LDAP connection from Ruby in Solaris (currently using Net::LDAP), over SSL, with a provided certificate file.

There are enough unknowns that I'm not clear where my problem is.  I've also been trying to test using OpenLDAP's ldapsearch tool.

My client provided a file, "certnew.cer".  I have Ruby built, Net::LDAP installed, OpenSSL installed, and OpenLDAP (for client tools).

Here's my ldapsearch test attempt with result:

$ ldapsearch -b 'dc=subd,dc=client,dc=com' -h adapps.subd.client.com -p 636 -Z -N certnew.cer -W SomePassword -v '(objectclass=*)'
ldapsearch: started Mon Jun 23 21:13:35 2008

ldap_init( adapps.subd.client.com, 636 )
SSL initialization failed: error -8174 (security library: bad database.)
~~~

I assume it makes more sense to get ldapsearch working before attempting this in Ruby (as my Ruby efforts fail as well, but leave more room for error on my part).

Thanks
0
Comment
Question by:michaelteter
1 Comment
 
LVL 27

Accepted Solution

by:
Nopius earned 250 total points
ID: 21852292
http://docs.sun.com/source/816-6698-10/ssl.html#18560

> Configuring Server Authentication in Clients

> When a client establishes an SSL connection with a server, it must trust the certificate presented by the server. In order to do so, the client must:

>    * Have a certificate database.

It seems you have no certificate database on a client... Read the article above on how to configure your certificate database.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
CMDB relationships for hardware assets 2 72
Expanding Subnet Mask 20 106
How to calculate the netmask 5 54
Help with a subnetting question 7 42
When you try to share a printer , you may receive one of the following error messages. Error message when you use the Add Printer Wizard to share a printer: Windows could not share your printer. Operation could not be completed (Error 0x000006…
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Learn several ways to interact with files and get file information from the bash shell. ls lists the contents of a directory: Using the -a flag displays hidden files: Using the -l flag formats the output in a long list: The file command gives us mor…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

776 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question