This article concerns LDAP Administrator versions 2.x or LDAP Browser versions 2.x.
Having an LDAP server profile created with the SSL configuration enabled, you still can't connect to the server. As a result, '[error 81] Can't contact LDAP server' is displayed.
This kind of behaviour occurs due to the absence of necessary SSL certificates in the certificate database, or the absence of the certificate database itself. This certificate database is required for an LDAP client library to establish the SSL connection.
You should create and populate a certificate database containing the necessary certificates manually.To do this, please follow the procedure below:
* Download and install the Netscape web browser version 4.x. Note that it's vital to use version 4.x - later version like 5+ or Firefox use newer certificate store format which is incompatible with the version used by LDAP Browser 2.x.
* Run the Netscape browser.
* Open URL: https://yourserver:sslport/, where:
o yourserver - Your LDAP server address, provided it is an IP or host name. For example: 192.168.234.33 or ldap.mycompany.com.
o sslport - A TCPIP port number used by your server to accept SSL connections. Usually his port number is 636.
You'll see the Netscape Certificate Name Check window. Follow the instructions provided there and accept the server certificate for this and future sessions.
* Close the Netscape browser
* Copy the key3.db and cert7.db files from the Netscape user profile directory to the LDAP Administrator or LDAP Browser root directory.
* Restart LDAP Administrator or LDAP Browser.
* Open the server profile.
* Change Port number at the General tab. Press Apply.
* Check the Try to use SSL box at the LDAP Settings tab. Press Apply.
* Press OK.
2006-06-08 Update: An alternative way was suggested at this forum.