06-20-2023 10:46 AM
Hello,
I am using the following guide to set up AD external authentication over TLS and getting the following error:
Opening connection to LDAP server - XXXXXXXXXX:389 - ldap
Current TLS Require Cert: 4
Current TLS CACERTFILE: /var/tmp/HsmvFZQrBM/temp0.pem
Failed to issue StartTLS instruction: Connect error - -11
The directory server is up XXXXXXXXXX:389
The hostname field is set up to match the certificate installed on the DC and I am uploading the Root certificate as base64 PEM format. Not sure what the issue is, anyone run into this?
Thanks!
06-21-2023 10:15 AM - edited 06-21-2023 10:16 AM
In the provided output I see the negotiation is happening on port 389, which is the traditional unencrypted LDAP port, not the LDAPS port. LDAPS runs on port 636 by default.
06-21-2023 10:37 AM
Hey Aref,
Thanks for the reply. SSL uses port 636 but TLS uses 389 using STARTTLS, so that's not the issue. It had something to do with the root cert I was uploading, wish I could say what it was but it finally took and is working properly.
Thanks!
06-21-2023 10:41 AM
Can I know what the issue with the root cert is?
Thanks a lot
MHM