On Mon, 2007-07-30 at 13:44 -0500, Saied W. Andalib wrote:
> I have a Solaris 9 client and have configured it as a client of
> fds-1.0.4 which runs on RHEL5. Without TLS, the Solaris client
> authenticates against the fds fine. But, if TLS is enabled on the Sun
> client, the ldapsearch commands runs ok, but, authentication fails.
> The nscd logs the following error message:
>
>
>
> Jul 30 13:31:01 thread nscd[1172]: [ID 293258 user.error] libsldap:
> Status: 91 Mesg: openConnection: failed to initialize TLS security
> (security library: bad database.)
>
> Jul 30 13:31:01 thread nscd[1172]: [ID 293258 user.error] libsldap:
> Status: 7 Mesg: Session error no available conn.
>
>
>
>
> I think the problem is related to the certificates on the Sun client
> but I'm not sure...
>
>
> Thanks,
>
> SWA
>
>
Do you have the certs copied to you Solaris client?
There's an example here:
http://blogs.sun.com/baban/entry/steps_to_setup_ssl_using
and here:
http://directory.fedoraproject.org/wiki/Howto:SolarisClient
I've also seen references that say to point netscape at
https://yourserver:636, keep the certificate forever and
copy .netscape/{cert7.db,key3.db} to /var/ldap on your Solaris client.
-Steve