[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: ldaps and Active Directory

To: Grant Sturgis <gesturgis@hotmail.com>
Subject: Re: ldaps and Active Directory
From: Michael Ströder <michael@stroeder.com>
Date: Fri, 09 Dec 2005 09:07:51 +0100
Cc: OpenLDAP-software@OpenLDAP.org
In-reply-to: <BAY106-F31B3550EE7DC3EF8F5DA21B0420@phx.gbl>
References: <BAY106-F31B3550EE7DC3EF8F5DA21B0420@phx.gbl>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.12) Gecko/20050920

Grant Sturgis wrote:
> 
> ldap_bind: Can't contact LDAP server (-1)
>        additional info: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> 
> 
> I have installed Certificate Services on the W2K domain controller and
> exported the CA Cert and copied the file to the linux
> box:/etc/openldap/cacerts.  In /etc/openldap/ldap.conf I have tried:
> 
> TLS_CACERTDIR /etc/openldap/cacerts
> TLS_CACERT /etc/openldap/cacerts/cacert.pem

Which OpenLDAP version are you using?
There have been fixes to SSL configuration in 2.3.12.

Ciao, Michael.

Follow-Ups:
- Re: ldaps and Active Directory
  - From: Shuh Chang <schang@axalto.com>

References:
- ldaps and Active Directory
  - From: "Grant Sturgis" <gesturgis@hotmail.com>

Prev by Date: Re: Slow adding attributes to a entry with many attributes
Next by Date: Re: ldaps and Active Directory
Index(es):
- Chronological
- Thread