
iPhone LDAP contacts and Self-signed SSL certificates

Hi,

I am using OpenLDAP with a self-signed SSL certificate, and I am unable to get SSL to work with LDAP contacts on the iPhone (4.x). I have tried to add a CA cert with a server certificate for the LDAP server and downloaded it to the iPhone by web; it adds the CA, but even with it, it does not want to connect to the LDAP server with SSL enabled.
Should LDAP contacts work by adding a new CA? If yes, what is the exact procedure to do it? (Maybe I used a wrong CA export format, or wrong SSL certificate encryption format ...)
Can someone tell me how to do it?
This is really annoying, since we have multiple iPhones in the company.

Thanks for the help.

iOS 4

Posted on Apr 11, 2011 1:03 AM

3 replies

Jun 23, 2011 1:26 PM in response to ulysse31_revient

First, have you checked your server's settings?


Here's a link to a PDF describing which ports need to be opened:

http://images.apple.com/iphone/business/docs/iPhone_IMAP.pdf


Then you'll need to set up a series of tests to pinpoint where exactly the problem occurs. Unfortunately, I can't give any detailed advice. Each server configuration is different. And you'll also need to check if any of the necessary ports are blocked by your ISP (which is usually the case with educational institutions & libraries).


Good luck.

Jan 23, 2012 4:20 AM in response to ulysse31_revient

Hello, found your post. I realize it's been 6 months since you posted, but I have a solution for you since I have struggled with the same problem since 2009.


I discovered that when the iPhone is using LDAPS, it tries to bind with LDAPv2. After it binds, it speaks LDAPv3 like it is supposed to. Apparently this is a somewhat common practice since OpenLDAP includes an option for it.


You'll want to set the following option in OpenLDAP:


dn: cn=config
olcAllows: bind_v2


Voilà! LDAPS works! (assuming you've correctly done all the certificate stuff). Took some deep reading through the debug logs to figure out this problem. Figured I'd share my answer with others.
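
The reply above reports that the iPhone sends its LDAPS bind as LDAPv2. The following Python decoder is an added example, not part of the thread or of OpenLDAP: it reads the version field of a BindRequest as laid out in RFC 4511, so an administrator can confirm from a decrypted capture or packet dump which version a client requests before allowing bind_v2. The sample PDUs and function names are constructed for illustration.

```python
"""Decode the protocol version from an LDAP BindRequest (RFC 4511, BER)."""


def _read_tlv(buf, pos):
    """Return (tag, value_bytes, next_pos) for the BER element starting at pos."""
    if pos + 2 > len(buf):
        raise ValueError("truncated BER header")
    tag = buf[pos]
    length = buf[pos + 1]
    pos += 2
    if length & 0x80:                      # long form: low 7 bits = count of length octets
        n = length & 0x7F
        if n == 0 or n > 4 or pos + n > len(buf):
            raise ValueError("unsupported or truncated BER length")
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    if pos + length > len(buf):
        raise ValueError("BER value runs past end of buffer")
    return tag, buf[pos:pos + length], pos + length


def bind_request_version(pdu):
    """Return the LDAP version a client asks for, or None if pdu is not a BindRequest."""
    tag, message, _ = _read_tlv(pdu, 0)
    if tag != 0x30:                        # LDAPMessage ::= SEQUENCE
        raise ValueError("not an LDAPMessage")
    tag, _msgid, pos = _read_tlv(message, 0)
    if tag != 0x02:                        # messageID INTEGER
        raise ValueError("missing messageID")
    tag, op, _ = _read_tlv(message, pos)
    if tag != 0x60:                        # [APPLICATION 0] = BindRequest
        return None
    tag, version, _ = _read_tlv(op, 0)
    if tag != 0x02 or len(version) != 1:   # version INTEGER (1..127)
        raise ValueError("malformed version field")
    return version[0]


# Constructed sample PDUs: anonymous simple binds that differ only in the version octet.
BIND_V2 = bytes.fromhex("300c020101600702010204008000")
BIND_V3 = bytes.fromhex("300c020101600702010304008000")
# Constructed UnbindRequest ([APPLICATION 2], empty body) as a non-bind control case.
UNBIND = bytes.fromhex("30050201014200")

if __name__ == "__main__":
    for name, pdu in (("v2 bind", BIND_V2), ("v3 bind", BIND_V3), ("unbind", UNBIND)):
        print(name, "->", bind_request_version(pdu))
```
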
