Chris Hunter wrote: > Hi, > > Does anyone know if the nss_ldap rpm package in SL4x (nss_ldap-226-10) > is compiled with ssl support ? Well, If I: rpm -ql nss_ldap I get a long list of files including: /lib/security/pam_ldap.so If I then do a: ldd /lib/security/pam_ldap.so I get a list of referenced libraries, including: libcrypto.so.4 => /lib/libcrypto.so.4 (0x0023a000) If I ls -l /lib/libcrypto.so.4 I find it's really as symlink /lib/libcrypto.so.4 -> libcrypto.so.0.9.7a And if I rpm -qf /lib/libcrypto.so.0.9.7a I find that's from openssl-0.9.7a-43.4. So yes, nss_ldap *was* built with ssl support. > Anybody using ldap + ssl on scilinux ? I talked with a guy at SLAC who was using it on Red Hat Enterprise, which is remarkably similar to Scientific Linux... I believe it was working for him. I note also that the "rpm -ql nss_ldap" above also has: /usr/share/doc/nss_ldap-226/README.TLS (where TLS is the newer name for SSL...) which mentions that hostnames in the ldap.conf file need to match up letter for letter with (I assome the CN=... part of) certificates on servers. Marc