Re: ADAM & SSL connect over SSL




Another thing to check is to make sure the ADAM instance is actually able to
do the server side SSL stuff. It needs to have access to the private key of
the certificate and also trust the cert chain. There may be some errors
(Schannel in event log or possibly something in the ADAM event log, not
sure) on the server if that isn't working properly.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"greg.drap" <gregory.draperi@xxxxxxxxx> wrote in message
news:1168419534.166413.231210@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
Hello,
I installed the root CA certificate with http://localhost/certsrv and
I can see the certificate in the Trusted Root Certificate Authorities in
local computer. I'm trying to connect with ldp.exe to my ADAM and I have
this error message:

Error <0x51>: Fail to connect to CG69-SERVER.rhone.fr.
ld = ldap_sslinit("CG69-SERVER.rhone.Fr", 60000, 1);
Error 81 = ldap_set_option(hLdap, LDAP_OPT_PROTOCOL_VERSION, 3);
Error 81 = ldap_connect(hLdap, NULL);
Server error: <empty>

I checked for errors in the System event log but there is nothing.

Thanks for your help

Greg Drap

Joe Kaplan wrote:
Yep, also check for errors from Schannel in the System event log (on the
client) to get more debugging info as to why the remote client can't
connect.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Marc Lognoul" <MarcLognoul@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:130265EF-1877-4913-89BB-69EE9B607A69@xxxxxxxxxxxxxxxx
Make sure the remote client is aware of your CA hierarchy, mainly by installing
the root CA certificate on the client.
Depending on the client type and configuration, you may have more things to
check.
Please reply with details for more info.

Marc

"greg.drap" wrote:

Hi

I installed a CA on a local computer with ADAM and I can connect with
ldp to ADAM over SSL locally, but when I try to connect remotely it
doesn't work.
I can connect remotely over LDAP to ADAM so I believe it's a trouble of
certificates.

I installed the CA certificate with certsrv.

Is there something which I am missing?

Thanks for your help.

Greg
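
The server-side checks suggested in this thread (private key access, chain trust, Schannel events), gathered into one script as an added example that is not part of any post above. It assumes Windows PowerShell 5.1, a certificate in the local computer's Personal store with a CAPI (CSP) key, and uses the host name from the ldp.exe output; the variable names are illustrative.

```powershell
# Added example, not code from the thread. Run elevated on the ADAM server
# (Windows PowerShell 5.1). Assumptions: the SSL certificate sits in the local
# computer's Personal store and its key is a CAPI (CSP) key under MachineKeys.
$ServerFqdn    = 'CG69-SERVER.rhone.fr'   # host name from the ldp.exe output
$ServerAuthOid = '1.3.6.1.5.5.7.3.1'      # Server Authentication EKU
$KeyDir        = Join-Path $env:ALLUSERSPROFILE 'Microsoft\Crypto\RSA\MachineKeys'
$EkuType       = [System.Security.Cryptography.X509Certificates.X509EnhancedKeyUsageExtension]

# GetNameInfo returns the first DNS SAN, or the subject CN when there is no SAN.
$certs = Get-ChildItem Cert:\LocalMachine\My |
    Where-Object { $_.GetNameInfo('DnsName', $false) -ieq $ServerFqdn }
if (-not $certs) { Write-Warning "No certificate for $ServerFqdn in LocalMachine\My" }

foreach ($cert in $certs) {
    # No EKU extension means the certificate is not restricted to specific usages.
    $eku = $cert.Extensions | Where-Object { $_ -is $EkuType } |
        ForEach-Object { $_.EnhancedKeyUsages } | ForEach-Object { $_.Value }

    # Build the chain from this machine's stores; ChainStatus names each failure.
    $chain   = New-Object System.Security.Cryptography.X509Certificates.X509Chain
    $chainOk = $chain.Build($cert)

    # ACL on the private key file: the ADAM service account needs Read here.
    $keyAcl = 'n/a (no private key)'
    if ($cert.HasPrivateKey) {
        try {
            $file = $cert.PrivateKey.CspKeyContainerInfo.UniqueKeyContainerName
            if (-not $file) { throw 'not a CSP key' }
            $keyAcl = ((Get-Acl (Join-Path $KeyDir $file) -ErrorAction Stop).Access |
                ForEach-Object { "$($_.IdentityReference): $($_.FileSystemRights)" }) -join '; '
        } catch { $keyAcl = "check failed: $($_.Exception.Message)" }
    }

    [pscustomobject]@{
        Thumbprint    = $cert.Thumbprint
        NotAfter      = $cert.NotAfter
        HasPrivateKey = $cert.HasPrivateKey
        ServerAuthEku = (-not $eku) -or ($eku -contains $ServerAuthOid)
        ChainBuilds   = $chainOk
        ChainStatus   = ($chain.ChainStatus | ForEach-Object { $_.Status }) -join ', '
        KeyFileAcl    = $keyAcl
    } | Format-List
}

# Recent Schannel events from the System log; run this part on the client too.
$filter = @{ LogName = 'System'; ProviderName = 'Schannel' }
Get-WinEvent -FilterHashtable $filter -MaxEvents 20 -ErrorAction SilentlyContinue |
    Select-Object TimeCreated, Id, LevelDisplayName, Message | Format-List
```

Compare KeyFileAcl with the account the ADAM instance runs as. The chain is built in the context of the user running the script, so a result here does not prove the service account sees the same trust.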




