Re: LDAPS connection error on 636

Do you see an error from schannel in the System event log that corresponds
to the failure on either the client or the DC? Generally, SSL problems will
be related to either the server having problems using the certificate you
issued or the client won't trust the certificate for some reason.

On the server side, sometimes the server does not have the private key for
the cert installed correctly or the cert is in the wrong store. Also,
depending on who issued the certificate, the server may not trust it.

If the server is able to process the certificate correctly, then on the
client side, the issue is usually either that the client does not trust the
server's cert because its issuer doesn't chain to a trusted root on the
client machine or the DNS name of the cert does not match the DNS name used
to connect to the server.

Usually, an error from schannel in the System event log will give you
details regarding the exact nature of the problem.

Joe K.

--
Joe Kaplan-MS MVP Directory Services Programming
Co-author of "The .NET Developer's Guide to Directory Services Programming"
http://www.directoryprogramming.net
--
"Shon Miles" <ShonMiles@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:95AB5BA1-5DB5-40ED-965F-A8631D1721EA@xxxxxxxxxxxxxxxx
I just followed this article,
http://support.microsoft.com/default.aspx/kb/321051, and I have the cert
back
and installed and rebooted but when I do the connection attempt I get this
message:

ld = ldap_open("ourDCname here", 636);
Error <0x51>: Fail to connect to ourDCname here.

Any ideas?


.

Relevant Pages

  • BUG?: Cant disable "Trusted" for Certificates Issued by MS Certificate Server
    ... Server: Win2K Advanced Server SP4, ... Client: Win2K Pro SP4, ... cert for IIS with MS Certificate Server, ... Certificate Server whenever I tried to connect from IE to IIS. ...
    (microsoft.public.platformsdk.security)
  • BUG?: Cant disable "Trusted" for Certificates Issued by MS Certificate Server
    ... Server: Win2K Advanced Server SP4, ... Client: Win2K Pro SP4, ... cert for IIS with MS Certificate Server, ... Certificate Server whenever I tried to connect from IE to IIS. ...
    (microsoft.public.inetserver.iis.security)
  • BUG?: Cant disable "Trusted" for Certificates Issued by MS Certificate Server
    ... Server: Win2K Advanced Server SP4, ... Client: Win2K Pro SP4, ... cert for IIS with MS Certificate Server, ... Certificate Server whenever I tried to connect from IE to IIS. ...
    (microsoft.public.win2000.security)
  • Re: Cant disable "Trusted" for Certificates Issued by MS Certificate Server
    ... What usages does the root certificate of your MS Certificate Server have ... > I have been preparing to configure the above server for SSL with server> and client authentication for awhile. ... > Then, using the IIS server certificate wizard, I deleted the original MS> Certificate Server-issued server cert, then created a new server> certificate request, which I then sent to my commerical CA one night. ...
    (microsoft.public.platformsdk.security)
  • Re: Cant disable "Trusted" for Certificates Issued by MS Certificate Server
    ... What usages does the root certificate of your MS Certificate Server have ... > I have been preparing to configure the above server for SSL with server> and client authentication for awhile. ... > Then, using the IIS server certificate wizard, I deleted the original MS> Certificate Server-issued server cert, then created a new server> certificate request, which I then sent to my commerical CA one night. ...
    (microsoft.public.inetserver.iis.security)
Loading