[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Last attempt at TLS/SSL

To: "Lawrence, Mike (White ""Plains)" <Mike.Lawrence@starwoodhotels.com>
Subject: Re: Last attempt at TLS/SSL
From: Jason L W Lynn <jlwlynn@uab.edu>
Date: 26 Jun 2003 13:39:06 -0500
Cc: openldap-software@OpenLDAP.org
In-reply-to: <6C6B73040F8CD411AA5600508B6D5F1208A261BE@strnynt2.strny.starwoodhotels.com>
Organization:
References: <6C6B73040F8CD411AA5600508B6D5F1208A261BE@strnynt2.strny.starwoodhotels.com>

I believe your client has to know about your CA.  Try adding (instead of
"TLS_REQCERT allow"):

TLS_CACERT /path/to/cacert/cacert.pem

On Thu, 2003-06-26 at 13:03, Lawrence, Mike (White Plains) wrote:
> ldap_bind: Can't contact LDAP server (81)
>         additional info: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>

References:
- Last attempt at TLS/SSL
  - From: "Lawrence, Mike (White Plains)" <Mike.Lawrence@starwoodhotels.com>

Prev by Date: Re: ACL/ACI && SASL
Next by Date: RE: Last attempt at TLS/SSL
Index(es):
- Chronological
- Thread