Hi,

I've set up an OpenLDAP server and followed the OpenLDAP CA generation. The slapd is started with ldaps://... and the slapd.conf is configured for the CA certificates. But every time I try to run an ldapsearch I get:

___________________________________________
ldap_bind: Can't contact LDAP server (81)
        additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
___________________________________________

Since slapd is started with debug info, I'm getting the following data on the server:

___________________________________________
connection_get(11): got connid=0
connection_read(11): checking for input on id=0
TLS trace: SSL_accept:before/accept initialization
TLS trace: SSL_accept:SSLv3 read client hello A
TLS trace: SSL_accept:SSLv3 write server hello A
TLS trace: SSL_accept:SSLv3 write certificate A
TLS trace: SSL_accept:SSLv3 write server done A
TLS trace: SSL_accept:SSLv3 flush data
TLS trace: SSL_accept:error in SSLv3 read client certificate A
TLS trace: SSL_accept:error in SSLv3 read client certificate A
connection_get(11): got connid=0
connection_read(11): checking for input on id=0
TLS trace: SSL3 alert read:fatal:unknown CA
TLS trace: SSL_accept:failed in SSLv3 read client certificate A
TLS: can't accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:1052
connection_read(11): TLS accept error error=-1 id=0, closing
connection_closing: readying conn=0 sd=11 for close
connection_close: conn=0 sd=11
___________________________________________

Can anyone give me a hand with this? I really believe that the problem is on the client side.

Regards,
Jorge Ruão
____
Faculdade de Engenharia da Universidade do Porto
jruao@fe.up.pt
22.508.1506 (ext.1089)