• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1205
  • Last Modified:

Solaris Ruby -> MS ActiveDirectory/LDAP using a certificate? (and testing with ldapsearch)

I am trying to make an LDAP connection from Ruby in Solaris (currently using Net::LDAP), over SSL, with a provided certificate file.

There are enough unknowns that I'm not clear where my problem is.  I've also been trying to test using OpenLDAP's ldapsearch tool.

My client provided a file, "certnew.cer".  I have Ruby built, Net::LDAP installed, OpenSSL installed, and OpenLDAP (for client tools).

Here's my ldapsearch test attempt with result:

$ ldapsearch -b 'dc=subd,dc=client,dc=com' -h adapps.subd.client.com -p 636 -Z -N certnew.cer -W SomePassword -v '(objectclass=*)'
ldapsearch: started Mon Jun 23 21:13:35 2008

ldap_init( adapps.subd.client.com, 636 )
SSL initialization failed: error -8174 (security library: bad database.)
~~~

I assume it makes more sense to get ldapsearch working before attempting this in Ruby (as my Ruby efforts fail as well, but leave more room for error on my part).

Thanks
0
michaelteter
Asked:
michaelteter
1 Solution
 
NopiusCommented:
http://docs.sun.com/source/816-6698-10/ssl.html#18560

> Configuring Server Authentication in Clients

> When a client establishes an SSL connection with a server, it must trust the certificate presented by the server. In order to do so, the client must:

>    * Have a certificate database.

It seems you have no certificate database on a client... Read the article above on how to configure your certificate database.
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Tackle projects and never again get stuck behind a technical roadblock.
Join Now