[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: unknown CA



The code to support TLSCACertificatePath has not been written. This option
hasn't worked for a long time.

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support 

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Tarassov Vadim
> Sent: Thursday, June 13, 2002 9:33 AM
> To: 'OpenLDAP-software@OpenLDAP.org'
> Subject: unknown CA
> 
> 
> Hallo again,
> 
> in addition to the problem I described before I noticed another 
> strange thing:
> 
> If I specify 
> 
> TLSCACertificateFile /usr/local/openldap/etc/certs/CA/CA_pubkey.pem
> 
> ldap starts
> 
> but if I specify 
> 
> TLSCACertificatePath /usr/local/openldap/etc/certs/CA/
> 
> ldap does not want to start writing following:
> 
> TLS: could not load client CA list 
> (file:`',dir:`/usr/local/openldap/etc/certs/CA/').
> 
> although in man you can find
> 
> TLSCACertificateFile <filename>
>           Specifies the file that contains certificates  for  all
>           of   the   Certificate   Authorities  that  slapd  will
>           recognize.
> 
> TLSCACertificatePath <path>
>           Specifies  the  path  of  a  directory  that   contains
>           Certificate    Authority   certificates   in   separate
>           individual files. Usually  only  one  of  this  or  the
>           TLSCACertificateFile is used.
> 
> Do you know what am I doing wrong?
> 
> Regards, Vadim Tarassov.
> 
> 	-----------------------------------------------------------
> 	Vadim Tarassov
> 	e-Platform Solution Center
> 	mailto:vadim.tarassov@winterthur.ch
> 	Phone +41 52 261 73 22, Fax +41 52 261 46 40
> 	Mobile +41 076 380 51 26
> 	-----------------------------------------------------------
> 	Winterthur Insurance
> 	Paulstrasse 12
> 	CH-8401 Winterthur
> 	http://www.winterthur.com/ch
> 	-----------------------------------------------------------
>