This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal


~Richard Frohipilitjip
Oct 29, 2014, 2:10 PM
27 Posts

LDAP Problem with SSL Port 636

  • Category: Administration
  • Platform: Linux
  • Release: 9.0.1
  • Role: Administrator
  • Tags: LDAP
  • Replies: 3

Hi,

Domino as LDAP for third party system works perfect on Port 389, BUT:

If i'm trying to use 636, client throws this error:

Problem with RootDSE-Content

Problem occurs in loading entry RootDSE from host.domain.com:636

The LDAP Server uses an official certificate which is valid.

What can i do ?

Thanks

Uwe

~Fred Umkivitchli
Oct 30, 2014, 11:20 AM
48 Posts
LDAP with SSL Port 636
In order for ldapsearch to work over SSL (port 636), the Domino Directory (names.nsf) must have the Certificate Authority (CA) included
in the trusted certificates.  When using ldapsearch.exe from the Lotus Notes client, follow the steps outlined in the following technote


Title:        How to retrieve an Internet Cross Certificate using Lotus Notes 6
Doc #:        1108117
URL:        http://www.ibm.com/support/docview.wss?uid=swg21108117


Also do a "show tasks" at the command prompt and see if the ldap task
is running?
~Ned Umlutherettu
Oct 31, 2014, 3:02 PM
113 Posts
listening on...
the Show Tasks will not only confirm that LDAP is running
but listening on the expected ports 389, 636
~Richard Frohipilitjip
Nov 5, 2014, 1:07 PM
27 Posts
Status

sorry for the late response ...

sh tasks shows as expected:

 LDAP Server          Listen for connect requests on TCP Port:389 SSL Port:636

ldapsearch comes not from notesclient. I'm using it from a third party linux machine.

Tom, i don't know how to add a new CA certificate to the Domino dirctory. 

There is a button 'Add' but i can only puttin some text but no keyfile.


This forum is closed to new posts and responses. Individual names altered for privacy purposes. The information contained in this website is provided for informational purposes only and should not be construed as a forum for customer support requests. Any customer support requests should be directed to the official HCL customer support channels below:

HCL Software Customer Support Portal for U.S. Federal Government clients
HCL Software Customer Support Portal