I have an OpenLDAP server running in a test environment with a firewall on the LAN forwarding port 8636 back to slapd listening on 636 (for an older application which does not support START_TLS).
To test things, I started on the LAN by specifying -p 8636 in the comamand line. This failed for some reason, so I went ahead and tried the same command on the LDAP server itself. I get the same error:
ldap1# ldapsearch -x -H ldaps://ldap1 -p 8636
ldapsearch: -H incompatible with -p
Huh? Why is this a problem?
If I don't specify a port number, then it all works OK:
ldap1# ldapsearch -x -H ldaps://ldap1
# extended LDIF
#
# LDAPv3
...
Is there any other way to tell ldapsearch to use SSL on a different port or have I missed something in the syntax?
UPDATE per answer
ldap1# ldapsearch -x -H ldaps://ldap1:636
# extended LDIF
#
# LDAPv3
…
Best Answer
You either use the deprecated
-hand-pto respectively set the hostname and non-default port number,or you use
-Hwith a properly RFC 2255 specified URL<scheme>://<hostname>[:portnumber]to set a non-standard port e.g.ldaps://ldap1:8636