Feb 092009
 

Sometimes this is necessary since the server “appears” to be running (netstat -an|grep 636 returns port in LISTEN state, but the daemon behind is not operative because (for instance) the certificate has not been installed.

If this is the case, grab an openssl client and issue the following command:

openssl s_client host <address of the target host> –port 636 (this is LDAPS standard port)

If server does have valid certificate you should get answer like:

If it does not, you’ll get something like this:

image

 Leave a Reply

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>

(required)

(required)