I have an OpenLDAP server running in a test environment with a firewall on the LAN forwarding port 8636 back to slapd listening on 636 (for an older application which does not support START_TLS).
To test things, I started on the LAN by specifying -p 8636 in the command line. This failed for some reason, so I went ahead and tried the same command on the LDAP server itself. I get the same error:
ldap1# ldapsearch -x -H ldaps://ldap1 -p 8636
ldapsearch: -H incompatible with -p
Huh? Why is this a problem? If I don't specify a port number, then it all works OK:
ldap1# ldapsearch -x -H ldaps://ldap1
# extended LDIF
#
# LDAPv3
...
Is there any other way to tell ldapsearch to use SSL on a different port or have I missed something in the syntax?
UPDATE per answer
ldap1# ldapsearch -x -H ldaps://ldap1:636
# extended LDIF
#
# LDAPv3
...
You either use the deprecated -h and -p to respectively set the hostname and non-default port number, or you use -H with a properly RFC 2255 specified URL <scheme>://<hostname>[:portnumber] to set a non-standard port, e.g. ldaps://ldap1:8636