-----Original Message-----
From: Justin Wood [mailto:justin@flipdog.com]
Sent: Monday, April 22, 2002 10:03 AM
To: Howard Chu
Cc: openldap-software@OpenLDAP.org
Subject: Re: ldap_start_tls: Can't contact LDAP server
That's what I've got. I created a CA cert, then a server certificate
for *.flipdog.com which is signed by the CA cert. That's all I have.
-Justin.
Howard Chu wrote:
-----Original Message-----
From: owner-openldap-software@OpenLDAP.org
[mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Justin Wood
openssl s_client -connect ldapmaster.flipdog.com:636, and it seems to
see the cert, but I get a response I'm not sure of. Along with
reporting the certificate it found, I see the following.
verify error:num=19:self signed certificate in certificate chain
Can anyone shed some light on this for me?
I believe this means you have more than one self-signed
certificate in your
certificate chain. This shouldn't happen; you should have one root-level
Certificate Authority that has a self-signed cert, and then all other
(lower) certificates in a chain should be signed by a superior CA.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
http://www.symas.com http://highlandsun.com/hyc
Symas: Premier OpenSource Development and Support
--
----------------------------------------------------------
Justin Wood justin@flipdog.com
Systems Administrator
FlipDog.com
http://www.flipdog.com/
----------------------------------------------------------