Lion SSL Error 2100

Discussion in 'Mac OS X Server, Xserve, and Networking' started by mainstay, Dec 8, 2011.

  1. mainstay macrumors 6502

    Joined: Feb 14, 2011
    Location: BC
    #1
    Anyone else getting this error when attempting to bind from a client to a Lion server with a self-signed SSL certificate (created in Server.app >> Hardware >> etc. and applied to OD in Server Admin >> OD >> LDAP >> SSL enable)?

    Code:
    http://support.apple.com/kb/TS3958
    Does NOT fix the issue.

    I've tried a manual bind and was not successful.

    Code:
    /usr/sbin/dsconfigldap -f -v -e -a SERVER -u diradmin -c CLIENT -l localadmin
    Not having a ton of joy with Lion Server. I am struggling each step of the way, it seems.
     
  2. Jopernikus macrumors newbie

    Joined: Dec 29, 2010
    #2
    How do you enter SERVER name?

    Have you tried using server-name.local for SERVER?
    Seems to help some according to Google.
     
  3. mainstay thread starter macrumors 6502

    Joined: Feb 14, 2011
    Location: BC
    #3
    Hi Jopernikus,

    Thank you for your response.

    .local did not work... nor did manually adding the server to the search policy.

    I spent 3 hours on the phone with AppleCare rebuilding the server from the ground up and at the end we were still not able to bind with SSL (brand new certificate, brand new DNS, brand new OD, NOT brand new install of Lion).

    There was some side commentary that the SSL works fine with the iCal et al., but they've continued to have mystery problems with OD.

    Oh, but for $695 he would be happy to send it on to Engineering Support.

    Joy!
     
  4. matspekkie macrumors member

    Joined: Oct 19, 2010
    #4
    Rename client computer

    This happened to me also. I got it fixed by renaming my client computer to a new name. Somehow there was something wrong with it. Go to Sharing and give it a new computer name and see if that helps.
     
  5. mainstay, Jan 1, 2012
    Last edited: Jan 5, 2012

    mainstay thread starter macrumors 6502

    Joined: Feb 14, 2011
    Location: BC
    #5
    Interesting - you are thinking the machine has a cached certificate that has expired?

    Renaming didn't work, but I will try re-imaging the system (client) and try from scratch.

    Thanks for the input!

    Update: Didn't work, had to join the OD as a non-trusted source...
     
