[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLDAP 2.1.3 TLS: self signed certificate
Not really finding the answer to this in the archives, so...
I have a server certificate I've signed with my CA certificate, everything
stored in PEM format. The certs work OK on my Apache mod_ssl server.
I've added the configuration:
TLSCertificateFile /opt/ldap/etc/denverops.quris.net.crt.pem
TLSCertificateKeyFile /opt/ldap/etc/denverops.quris.net.key.pem
TLSCACertificateFile /opt/apache/conf/ssl.crt/cacert.pem
TLSVerifyClient never
Running slurpd in debug mode, ultimately I see:
TLS certificate verification: depth: 1, err: 19, subject:
/Email=sysadmin@quris.com/CN=Quris, Inc. Certificate Authority/O=Quris,
Inc./C=US/L=Denver, issuer: /Email=sysadmin@quris.com/CN=Quris, Inc.
Certificate Authority/O=Quris, Inc./C=US/L=Denver
TLS certificate verification: Error, self signed certificate in
certificate chain
What's wrong with a self-signed certificate?
Thanks for any hints.
===========
Alan Sparks, UNIX/Linux Systems Administrator
<asparks@doublesparks.net>