[asterisk-users] Re: [asterisk‑users] Integrating Asterisk with LDAP Realtime

Nick Couchman Nick.Couchman at seakr.com
Fri Sep 22 09:34:22 MST 2006 

> On Thu, 21 Sep 2006, Nick Couchman wrote: 
>> When I try to set the port to 636 in the res_ldap.conf file, I get bind 
>> errors ("Can't contact server...").  I imagine this is an issue with 
>> certificates and trust, but I'm not exactly sure where I need to put my 
>> CA certificate in order to make the ldap module happy. 

> Probably wherever openssl looks for them. Try /etc/pki/tls/certs/, 
> /etc/ssl/certs/ or /usr/share/ssl/certs/, depending on your distro. You'll 
> also need to symlink the certificate to its hash, check the openssl docs 
> if you haven't done this before. 

I've just finished trying this and I still get an error when Asterisk tries to connect.  I have a couple other things I need to try (I need to try to adjust my CA a little bit), but if anyone else has other suggestions for me, I'd appreciate it. 

>> I've tried to use tcpdump to see this data, but tcpdump doesn't grab the 
>> full packet, it truncates it at a certain point, so I can't see the 
>> data. 

> Try doing your tcpdump with "‑s 0" ‑ it tells tcpdump to "snarf" the whole 
> packet 

> Even better, use wireshark (the new name for ethereal). It'll do a very 
> nice job (I tend to find better than tcpdump) at showing you the contents 
> of you ldap queries and responses. 

I was using ethereal to interpret the data, but my servers don't have X on them so it's hard to run Ethereal or Wireshark directly on the server.  So, I use tcpdump to capture to a file, then copy to my workstation and use Ethereal to open it. 


> I haven't gotten around to playing with direct integration with asterisk 
> and ldap, so I can't help on your other issues. 
Nick Couchman
Systems Integrator
SEAKR Engineering, Inc.
6221 South Racine Circle
Centennial, CO 80111
Main: (303) 790-8499
Fax: (303) 790-8720
Web: http://www.seakr.com




-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.digium.com/pipermail/asterisk-users/attachments/20060922/a7fa76b5/attachment.htm

More information about the asterisk-users mailing list