« Back to home

Two OpenLDAP TLS gotchas

The scenario: You’re using CentOS 7 or RHEL 7. You’re using OpenLDAP. You have TLS set up on OpenLDAP. You are trying to perform a query against the server using ldapsearch. Problem #1: You get: ldap_start_tls: Can’t contact LDAP server (-1) ldap_sasl_bind(SIMPLE): Can’t contact LDAP server (-1) Possible solution: You’re using the -Z option (along with -h and -p) to specify the host and port and request TLS.…

Read more »

Yum: "Unable to read consumer identity"

Posted on

Did you just install a new RHEL 6 system? If so, you might have used the familiar rhn_* commands to register the system. Unfortunately, those don’t work in RHEL 6.3. Instead, they result in a broken setup where Yum always barfs with the above error. RedHat’s knowledgebase article claims that it’s possible to set up traditional RHN on a 6.x system, but their instructions don’t seem to work. Instead, first you’ll need to get rid of the old ‘RHN Classic’:…

Read more »