Hi all, I'm trying to use openLDAP as NIS replacement. This is working fine. The Server is listening on LDAP and LDAPS and the clients are configured to use LDAPS. So far it is running. If I got this right, LDAPS is not the recomanded method for tls, but start_tls is. I have tried to use start_tls in a perl script, and get only unencrypted connections. Making a perl script as simple as possible I found $test to be "2" (LDAPv2) which resultes in an error trying Start_tls. The script is: #!/usr/bin/perl -w use Net::LDAP; $ldap = Net::LDAP->new('buddy.io-software.com') or die "$@"; $test = $ldap->version() ; print " $test \n"; but from /usr/sysconfig/openldap I thought it should be 3 (LDAPv3) for openldap Versions > 2: # # If set to "yes" the "ldap over ssl" feature of slapd will be enabled. Don't # forget to add the "TLSCertificateFile" and "TLSCertificateKeyFile" options # to the /etc/openldap/slapd.conf (man slapd.conf). # Note: Don't confuse this with "START_TLS", the preferred method for # making encrypted LDAP connections, which is enabled as soon as You # specify "TLSCertificateFile" and "TLSCertificateKeyFile" in your config # file # and rpm gives: #rpm -qi openldap2 Name : openldap2 Relocations: (not relocateable) Version : 2.1.4 Vendor: SuSE Linux AG, Nuernberg, Germany Release : 68 Build Date: Thu Dec 12 13:53:46 2002 Install date: Thu Jan 23 16:05:23 2003 Build Host: wiles.suse.de Group : Productivity/Networking/LDAP/Servers Source RPM: openldap2-2.1.4-68.src.rpm Size : 6406919 License: Other License(s), see package Packager : http://www.suse.de/feedback Summary : The new OpenLDAP Server (LDAPv3) Description : The Lightweight Directory Access Protocol (LDAP) is a protocol for accessing online directory services. It runs directly over TCP, and can be used to access a standalone LDAP directory service or to access a directory service that is back-ended by X.500 Authors: -------- Kurt Zeilenga <kurt@openldap.org> Distribution: SuSE Linux 8.1 (i386) Thanks for ideas, Thomas Kerkau -- www.ArcStyler.com - the Architectural IDE for MDA:J2EE/.NET/EAI -> CyberOne Award -> Winner Crossroads A-List Award USA -> IBM Solution Excellence Award winner for Hot Java Solution -> European Information Society Technologies Prize Winner -> Made with ArcStyler: http://www.io-software.com/customers -> OMG Press, John Wiley 2002 www.ConvergentArchitecture.com ----- < iO > --------------------------------------------------------- Interactive Objects Software GmbH mailto:Thomas.Kerkau@io-software.com http://www.io-software.com Basler Strasse 65, D-79100 Freiburg, Germany Tel: [+49]-761-40073-0, Fax: [+49]-761-40073-73 ----------------------------------------------------------------------