12 June 2013
I got TLS LDAP authentication working in Solaris 10 today. Hooray!
Realistically, this is not really that big of a deal, except that finding the appropriate instructions to do so is near impossible. People say “use certutil!” or “load up firefox go to https://ldapserver:636 and save the cert then copy the files” and this and that and ugh.
So here are some notes. I hope they help you.
/var/ldap — with the rest of the LDAP settings.
about:config, right click, make a new string value called network.security.ports.banned.override and add 636 to it.
You’re done. Run ldapclient to set up LDAP and it should work fine.
Do this, then use certutil -d /var/ldap -L and figure out how you may be able to script it. Or just run with it. Your call.
Note: This was posted a year ago. I should mention, you should use a fresh Firefox profile for this – no use in accidentally carrying over unnecessary secrets to a config that may be distributed out to many systems.
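One way to script the certutil -d /var/ldap -L check and the fresh-profile caveat together, as an added example that is not part of the original post: it reads a certutil listing and reports any entry carrying the "u" trust flag, which certutil shows when the private key for that certificate is in the key database. The function names and the sample listing are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.
# Needs a POSIX sh and awk; on Solaris 10 put /usr/xpg4/bin first in PATH.

# Constructed sample of `certutil -d <dir> -L` output, for offline testing.
sample_listing() {
    cat <<'EOF'
Certificate Nickname                                         Trust Attributes
                                                             SSL,S/MIME,JAR/XPI

Example LDAP CA                                              CT,,
jdoe personal cert                                           u,u,u
EOF
}

# Read a certutil -L listing on stdin; print nicknames whose trust field
# contains "u", meaning the private key for that certificate is in the key db.
list_user_certs() {
    awk '
        NF >= 2 && $NF ~ /^[A-Za-z]*,[A-Za-z]*,[A-Za-z]*$/ && $NF ~ /u/ {
            line = $0
            sub(/[ \t]+[^ \t]+[ \t]*$/, "", line)   # drop the trust field
            print line
        }'
}

# Exit status 0 when the listing holds no private-key-backed certificates.
audit_listing() {
    found=$(list_user_certs)
    [ -z "$found" ] && return 0
    printf 'private key present for:\n%s\n' "$found" >&2
    return 1
}

# Usage: audit.sh --db /var/ldap   (runs certutil against a real database)
if [ "${1:-}" = "--db" ]; then
    certutil -d "$2" -L | audit_listing
fi
```

A non-zero exit means the database should not be copied to other systems until the listed entries are removed.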