ldap_start_tls: Can't contact LDAP server
I'm having some trouble getting TLS to work with my OpenLDAP
installation (v. 2.0.21 on FreeBSD 4.5-RELEASE).

I have set up my own CA and generated a wildcard cert, which I know to
work with other applications (imap, http, etc.). I then added the
following lines to slapd.conf:

    TLSCACertificateFile /etc/ssl/FlipDog/cacert.pem
    TLSCertificateFile /usr/local/ssl/certs/flipdog.com.pem
    TLSCertificateKeyFile /usr/local/ssl/keys/flipdog.com.key

When I try to do ldapsearch using -ZZ, I get the error in the Subject:
line. I've tried doing a

    openssl s_client -connect ldapmaster.flipdog.com:636

and it seems to see the cert, but I get a response I'm not sure of. Along with
reporting the certificate it found, I see the following:

    verify error:num=19:self signed certificate in certificate chain

Can anyone shed some light on this for me?
Thanks in advance,
Justin.
----------------------------------------------------------
Justin Wood justin@flipdog.com
Systems Administrator
FlipDog.com http://www.flipdog.com/
----------------------------------------------------------
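
The "verify error:num=19" result quoted in the post can be reproduced offline. This is an added example, not part of the original message: it builds a throwaway private CA and server certificate (all names and files are constructed) and verifies the same chain twice, once with the CA only presented alongside the certificate and once with the CA given as a trusted file.

```shell
#!/bin/sh
# Added example. The CA, host name and file names below are constructed
# stand-ins; nothing here touches a real server or the poster's files.

# Build a throwaway CA and a server certificate signed by it in directory $1.
make_demo_pki() {
    d=$1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Demo Private CA" \
        -keyout "$d/ca.key" -out "$d/cacert.pem" 2>/dev/null || return 1
    openssl req -newkey rsa:2048 -nodes -subj "/CN=ldap.example.test" \
        -keyout "$d/server.key" -out "$d/server.csr" 2>/dev/null || return 1
    openssl x509 -req -in "$d/server.csr" -days 1 \
        -CA "$d/cacert.pem" -CAkey "$d/ca.key" -CAcreateserial \
        -out "$d/server.pem" 2>/dev/null || return 1
}

# Run `openssl verify` with the given arguments and print the number from
# the first "error N at ..." line, or 0 when no such line is reported.
verify_errnum() {
    out=$(openssl verify "$@" 2>&1) || true
    num=$(printf '%s\n' "$out" |
        sed -n 's/^error \([0-9][0-9]*\) at .*/\1/p' | head -n 1)
    echo "${num:-0}"
}

demo() {
    dir=$(mktemp -d) || return 1
    make_demo_pki "$dir" || { rm -rf "$dir"; return 1; }
    # The CA is supplied as part of the chain but is not a trust anchor:
    # the chain ends in a self-signed certificate the verifier does not know.
    echo "CA in chain only: error $(verify_errnum \
        -untrusted "$dir/cacert.pem" "$dir/server.pem")"
    # The same CA given as a trusted file: the chain now verifies.
    echo "CA trusted:       error $(verify_errnum \
        -CAfile "$dir/cacert.pem" "$dir/server.pem")"
    rm -rf "$dir"
}

demo
```

Error 19 means the chain is complete but ends in a self-signed root that the verifying side has not been told to trust. For the s_client check in the post, the equivalent of the second case is passing the CA file with its -CAfile option.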