How to establish SSL connection using LDAP Browser 2.6
SYMPTOMS
This article concerns LDAP Administrator versions 2.x or LDAP Browser versions 2.x.
Having an LDAP server profile created with the SSL configuration enabled, you still can't connect to the server. As a result, '[error 81] Can't contact LDAP server' is displayed.
CAUSE
This kind of behavior occurs due to the absence of necessary SSL certificates in the certificate database, or the absence of the certificate database itself. This certificate database is required for an LDAP client library to establish the SSL connection.
WORKAROUND
You should create and populate a certificate database containing the necessary certificates manually. To do this, please follow the procedure below:
* Download and install the Netscape web browser version 4.x. Note that it's vital to use version 4.x - later version like 5+ or Firefox use newer certificate store format which is incompatible with the version used by LDAP Browser 2.x.
* Run the Netscape browser.
* Open URL: https://yourserver:sslport/, where:
- yourserver - Your LDAP server address, provided it is an IP or host name. For example: 192.168.234.33 or ldap.mycompany.com.
- sslport - A TCPIP port number used by your server to accept SSL connections. Usually his port number is 636.
You'll see the Netscape Certificate Name Check window. Follow the instructions provided there and accept the server certificate for this and future sessions.
* Close the Netscape browser
* Copy the key3.db and cert7.db files from the Netscape user profile directory to the LDAP Administrator or LDAP Browser root directory.
* Restart LDAP Administrator or LDAP Browser.
* Open the server profile.
* Change Port number at the General tab. Press Apply.
* Check the Try to use SSL box at the LDAP Settings tab. Press Apply.
* Press OK.
This article concerns LDAP Administrator versions 2.x or LDAP Browser versions 2.x.
Having an LDAP server profile created with the SSL configuration enabled, you still can't connect to the server. As a result, '[error 81] Can't contact LDAP server' is displayed.
CAUSE
This kind of behavior occurs due to the absence of necessary SSL certificates in the certificate database, or the absence of the certificate database itself. This certificate database is required for an LDAP client library to establish the SSL connection.
WORKAROUND
You should create and populate a certificate database containing the necessary certificates manually. To do this, please follow the procedure below:
* Download and install the Netscape web browser version 4.x. Note that it's vital to use version 4.x - later version like 5+ or Firefox use newer certificate store format which is incompatible with the version used by LDAP Browser 2.x.
* Run the Netscape browser.
* Open URL: https://yourserver:sslport/, where:
- yourserver - Your LDAP server address, provided it is an IP or host name. For example: 192.168.234.33 or ldap.mycompany.com.
- sslport - A TCPIP port number used by your server to accept SSL connections. Usually his port number is 636.
You'll see the Netscape Certificate Name Check window. Follow the instructions provided there and accept the server certificate for this and future sessions.
* Close the Netscape browser
* Copy the key3.db and cert7.db files from the Netscape user profile directory to the LDAP Administrator or LDAP Browser root directory.
* Restart LDAP Administrator or LDAP Browser.
* Open the server profile.
* Change Port number at the General tab. Press Apply.
* Check the Try to use SSL box at the LDAP Settings tab. Press Apply.
* Press OK.
| Link: | www.ldapadministrator.com...Search for more tips related to this link |
| Rating: | no ratings, 0 total Votes |
| Categories: | network security |
| Added: | on Jan 26, 2009 at 4:22 am |
| Added By: | Softerra |
| Searches: | ldap browser certific ssl server |
