
RE: TLS not working with 2.0.14



I'm having difficulty configuring TLS for LDAP.  I've followed the
instructions in this thread:
http://www.openldap.org/lists/openldap-software/200109/msg00745.html
for generating a self-signed certificate, with the Common Name set as the
fully qualified domain name of my machine, and the -d127 debug output is
showing that the CA is unknown.  Can anyone offer any suggestions?

ldapsearch -d127 -H ldaps://xxx.xxxx.org -x -b ... -L -ZZ

returns:

TLS certificate verification: Error, self signed certificate
tls_write: want=7, written=7
  0000:  15 03 01 00 02 02 30                               ......0
TLS trace: SSL3 alert write:fatal:unknown CA
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS: can't connect.
ldap_perror
ldap_bind: Can't contact LDAP server (81)
        additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

thanks for any help,
pat
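
The seven bytes in the tls_write dump above are a TLS alert record. As an added example (not part of the original post and not OpenLDAP code), the Python below decodes plaintext alert records from -d127 output, using the trace lines quoted from the post as input; the function and constant names are assumptions made for the illustration.

```python
import re

# Alert descriptions from the TLS RFCs (subset that concerns certificate checks).
ALERTS = {0: "close_notify", 40: "handshake_failure", 42: "bad_certificate",
          43: "unsupported_certificate", 44: "certificate_revoked",
          45: "certificate_expired", 46: "certificate_unknown", 48: "unknown_ca"}
LEVELS = {1: "warning", 2: "fatal"}
VERSIONS = {(3, 0): "SSL 3.0", (3, 1): "TLS 1.0", (3, 2): "TLS 1.1", (3, 3): "TLS 1.2"}

IO_LINE = re.compile(r"^tls_(read|write):")
# Dump line: offset, up to 16 hex bytes, then an ASCII column that is ignored.
DUMP_LINE = re.compile(r"^\s*[0-9a-fA-F]{4}:\s+((?:[0-9a-fA-F]{2}(?: {1,2}|$)){1,16})")

# Trace lines quoted from the post above.
SAMPLE_TRACE = """\
TLS certificate verification: Error, self signed certificate
tls_write: want=7, written=7
  0000:  15 03 01 00 02 02 30                               ......0
TLS trace: SSL3 alert write:fatal:unknown CA
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS: can't connect.
"""

def decode_alerts(trace):
    """Return one dict per plaintext TLS alert record found in a -d127 trace."""
    found, direction = [], None
    for line in trace.splitlines():
        io = IO_LINE.match(line)
        if io:
            # tls_write is data this process sent; tls_read is data it received.
            direction = "sent" if io.group(1) == "write" else "received"
            continue
        dump = DUMP_LINE.match(line)
        if not (dump and direction):
            continue
        # Only the first dump line after an I/O line carries the record header.
        data, who, direction = bytes.fromhex(dump.group(1)), direction, None
        # Record header: type(1) version(2) length(2); alert body: level(1) description(1).
        # Alerts sent after the handshake are encrypted and longer, so they are skipped.
        if len(data) == 7 and data[0] == 0x15 and data[3:5] == b"\x00\x02":
            found.append({
                "direction": who,
                "version": VERSIONS.get((data[1], data[2]), "unknown"),
                "level": LEVELS.get(data[5], "unknown"),
                "description": ALERTS.get(data[6], "alert %d" % data[6]),
            })
    return found

if __name__ == "__main__":
    for alert in decode_alerts(SAMPLE_TRACE):
        print(alert)
```

For the post's trace this reports a fatal unknown_ca alert sent by the client, which means ldapsearch itself rejected the server's certificate because it chains to no CA the client trusts.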