[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
OpenLDAP TLS problem
Hi list
I'm trying to set up an OpenLDAP server with TLS support. I created the
needen certificates and added the essential lines to slapd.conf as
described in several howtos. But I get whatever I try the same error:
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL3 alert read:fatal:unknown CA
TLS trace: SSL_accept:failed in SSLv3 read client certificate A
TLS: can't accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
/usr/src/lib/libssl/ssl/../src/ssl/s3_pkt.c:1052
connection_read(9): TLS accept error error=-1 id=7, closing
connection_closing: readying conn=7 sd=9 for close
connection_close: conn=7 sd=9
daemon: removing 9
daemon: select: listen=8 active_threads=0 tvp=NULL
daemon: activity on 1 descriptors
daemon: select: listen=8 active_threads=0 tvp=NULL
As explained in several mailinglist posts everything should work after
declaring the correct certificate through the TLS_CACERT variable. I
also created an .ldaprc file which contains this variable. But the error
occurs still.
What else can I do to solve this problem? I very welcome any suggestions!
Best regards
Lukas