[SASAG] Need help with openldap TLS
Ski Kacoroski
kacoroski at comcast.net
Fri Jun 2 10:51:34 PDT 2006
Hi,
I have been in certificate hell for the last few days and can really use
some help. I have tried self signed and cacert.org with no luck.
Openssl verifies the certs ok:
ldapum:/opt/openldap/ssl/certs# openssl verify testcert.pem
testcert.pem: OK
but openldap still gives errors:
ldapum:/opt/openldap/ssl/certs# ldapsearch -H ldaps:/// -x "(uid=ski)" uid
ldap_bind: Can't contact LDAP server (-1)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
The log file shows:
May 21 16:27:55 localhost slapd[450]: connection_read(15): TLS accept
failure error=-1 id=0, closing
Any help is most appreciated. Either email or phone at 425-489-6263.
Thanks,
ski
--
"When we try to pick out anything by itself, we find it
connected to the entire universe" John Muir
Chris "Ski" Kacoroski, kacoroski at comcast.net, 206-501-9803
More information about the Members
mailing list