Re: LDP client authentication fails



When you say you have copied the personal certificate of the server into the
Trusted Root Certificates Authority, I am unclear as to what you mean. What
you should have done is copy the Root CA of the server certificate into the
client's Trusted Root Certificate Authority Store. Does the client also have
a cert and have you provided the server with the client's Root CA and placed
that in its store?

The two need to trust one another's certificates before communications will
occur.

--
Paul Bergson
MVP - Directory Services
MCT, MCSE, MCSA, Security+, BS CSci
2003, 2000 (Early Achiever), NT

http://www.pbbergs.com

Please no e-mails, any questions should be posted in the NewsGroup
This posting is provided "AS IS" with no warranties, and confers no rights.

"Romil Shah" <Romil Shah@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:E46868D3-9D30-48F0-90F3-DA9B716E0F2C@xxxxxxxxxxxxxxxx
Hello,

I am using LDP.exe as a client to communicate with LDAP server.
LDAP server is configured to use SSL with client server authentication.

I have copied the personal certificate of server into the Trusted Root
Certificate Authorities.

I found that ldp.exe fails to connect to server. SSL handshaking fails.

The queries that I have are as follows:
1) Does LDP.exe authenticate to server (client authentication is
supported?)
I am using Windows 2003 with SP1 installed.
I found that in Windows 2000 SP4 a bug on similar lines is fixed
(811288).
Is this bug fixed in Windows 2003 with SP1 installed?

2) If client authentication is supported then which personal certificate
does ldp.exe send to server for authentication and where is the personal
certificate stored on Windows?

Looking forward to your suggestions.

Thanks,
Romil Shah
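
A read-only PowerShell check for the trust setup discussed in the reply above, added here as an example and not part of the original thread. The `.cer` path is a placeholder, and the last step assumes the client certificate, if there is one, sits in the current user's Personal store.

```powershell
# Added example, not from the thread. Read-only: it changes no certificate store.
# $ServerCertPath is a placeholder path to the server certificate exported as .cer.
param([string]$ServerCertPath = 'C:\temp\ldap-server.cer')

$x509 = 'System.Security.Cryptography.X509Certificates'

# 1) Trusted Root should hold self-signed CA certificates only. An entry whose
#    Subject differs from its Issuer is likely a server/personal certificate
#    placed there by mistake (heuristic: it also flags intermediate CAs).
$misplaced = @(Get-ChildItem Cert:\LocalMachine\Root |
               Where-Object { $_.Subject -ne $_.Issuer })
"Non-self-signed entries in LocalMachine\Root: $($misplaced.Count)"
$misplaced | Format-List Subject, Issuer, Thumbprint

# 2) Build the server certificate's chain against the local stores and report
#    whether it ends in a root this machine trusts.
if (Test-Path $ServerCertPath) {
    $cert  = New-Object "$x509.X509Certificate2" $ServerCertPath
    $chain = New-Object "$x509.X509Chain"
    $chain.ChainPolicy.RevocationMode = 'NoCheck'   # trust check only, no network
    $trusted = $chain.Build($cert)
    $top = $chain.ChainElements[$chain.ChainElements.Count - 1].Certificate
    "Server certificate : $($cert.Subject)"
    "Top of built chain : $($top.Subject)"
    "Chain trusted      : $trusted"
    # UntrustedRoot or PartialChain here means the server's Root CA is missing
    # from the Trusted Root store.
    $chain.ChainStatus |
        ForEach-Object { "  $($_.Status): $($_.StatusInformation.Trim())" }
} else {
    "No file at $ServerCertPath; skipping chain check."
}

# 3) Assumption: a client certificate would be in CurrentUser\My. Only entries
#    with a private key can be presented during the SSL handshake.
"Certificates with a private key in CurrentUser\My:"
Get-ChildItem Cert:\CurrentUser\My |
    Where-Object { $_.HasPrivateKey } |
    Format-List Subject, Issuer, NotAfter
```

The same chain check, run on the server against the client's certificate, covers the other half of the mutual trust.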




