Getting LDAP entries to work in 10.6 Address

| 2 Comments | No TrackBacks

Special thanks to Florian Schoppmann for bringing this issue to the community's attention. I'm extracting the steps to get Address Book and Mail to read from the Stanford LDAP directory. General instructions for setup can be found here:

Since Address Book in 10.6 does not allow for self-signed certificates, you will need to take the following steps to get it working:

1. Retrieve the certificate by going to Terminal and typing:
openssl s_client -connect

2. Copy everything in between



"-----END CERTIFICATE-----" (including these lines)

to a new file with suffix .pem

3. double click on the file you just saved (.pem) to open it in Keychain Access

4. double click on the new certificate, click on the 'Trust' disclosure triangle and set "When using this Certificate:" to "Always trust".

As Florian says, VoilĂ !

No TrackBacks

TrackBack URL:


I will keep visiting this blog very often.

Leave a comment

About this Entry

This page contains a single entry by Vijoy Abraham published on September 17, 2009 11:44 AM.

Configuring the built-in Cisco IPSec VPN client in Snow Leopard and iPhone was the previous entry in this blog.

Directory Services, OpenLDAP and DNS pools is the next entry in this blog.

Find recent content on the main index or look in the archives to find all content.