[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS question

To: Dennis.Hoffman@seagate.com
Subject: Re: TLS question
From: Howard Chu <hyc@symas.com>
Date: Fri, 29 Sep 2006 19:24:04 -0700
Cc: openldap-software@OpenLDAP.org
In-reply-to: <OFCF6349A5.CC03BA5C-ON872571F8.007C5B6F-872571F8.007CFD8E@seagate.com>
References: <OFCF6349A5.CC03BA5C-ON872571F8.007C5B6F-872571F8.007CFD8E@seagate.com>
User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20060911 Netscape/7.2 (ax) Firefox/1.5 SeaMonkey/1.5a

Dennis.Hoffman@seagate.com wrote:

Hello:

      I am trying to get TLS working on openldap-2.3.20.  when I initiate a
search, the debug info at the server indicates "unknown_ca".  According to
RFC 2246, this means that the "CA certificate could not be located or
couldn't be matched with a known, trusted CA".  My question:  Isn't the
slapd.conf "TLSCACertificateFile" directive what tells slapd which CA to
trust?  If so, why isn't it working?


See the Admin Guide http://www.openldap.org/doc/admin23/tls.html

You need to configure the client.

--
  -- Howard Chu
  Chief Architect, Symas Corp.  http://www.symas.com
  Director, Highland Sun        http://highlandsun.com/hyc
  OpenLDAP Core Team            http://www.openldap.org/project/

References:
- TLS question
  - From: Dennis.Hoffman@seagate.com

Prev by Date: Re: slurpd problems
Next by Date: Re: Re: slurpd problems
Index(es):
- Chronological
- Thread