« Configuring the built-in Cisco IPSec VPN client in Snow Leopard and iPhone | Main | Directory Services, OpenLDAP and DNS pools »

Getting LDAP entries to work in 10.6 Address Book.app

Special thanks to Florian Schoppmann for bringing this issue to the community's attention. I'm extracting the steps to get Address Book and Mail to read from the Stanford LDAP directory. General instructions for setup can be found here:


Since Address Book in 10.6 does not allow for self-signed certificates, you will need to take the following steps to get it working:

1. Retrieve the certificate by going to Terminal and typing:
openssl s_client -connect mothra.win.stanford.edu:636

2. Copy everything in between



"-----END CERTIFICATE-----" (including these lines)

to a new file with suffix .pem

3. double click on the file you just saved (.pem) to open it in Keychain Access

4. double click on the new certificate, click on the 'Trust' disclosure triangle and set "When using this Certificate:" to "Always trust".

As Florian says, VoilĂ !


TrackBack URL for this entry:

Comments (2)

I will keep visiting this blog very often.

Vijoy Abraham Author Profile Page:

ITS is updating the instructions at the page below so the steps in this post will hopefully be obviated.


Post a comment

(If you haven't left a comment here before, you may need to be approved by the site owner before your comment will appear. Until then, it won't appear on the entry. Thanks for waiting.)


This page contains a single entry from the blog posted on September 17, 2009 11:44 AM.

The previous post in this blog was Configuring the built-in Cisco IPSec VPN client in Snow Leopard and iPhone.

The next post in this blog is Directory Services, OpenLDAP and DNS pools.

Many more can be found on the main index page or by looking through the archives.

Creative Commons License
This weblog is licensed under a Creative Commons License.
Traffic analyzed by Google Analytics. Site powered by Movable Type 4.32-en