I've been trying to get kaddressbook
working with the company LDAP server. The LDAP server is accessed over SSL using the standard LDAP SSL port 636.
All I would get is a dialog saying
Could not connect to host ldaps://cn%3d' [rest of URL omitted].
This turned out to be a certificate problem. LDAP is fussy. Certificates must be present, and must work correctly.
So first I added the company root CA certificate to the collection of Debian roots. I created a company subdirectory in /usr/share/ca-certificates
, copied the
company CA root certificate into that subdirectory, ran
# dpkg-reconfigure ca-certificates
and marked the company CA root certificate as activated.
Today in preference I would just add the certificate to /usr/local/share/ca-certificates
and run update-ca-certificates
. All certificates in that directory are activated.
Unfortunately KDE 4 keeps its own set of root certificates. I followed the advice of
Rene Mayrhofer and replaced the KDE root CA file with a link to the Debian one. The combination of adding the company root CA to the Debian list and the KDE list gets kaddressbook
working.
# dpkg-divert --local --rename --add /usr/share/kde4/apps/kssl/ca-bundle.crt # ln -s /etc/ssl/certs/ca-certificates.crt /usr/share/kde4/apps/kssl/ca-bundle.crt