|
Where do I need to put a CA certificate so that Openldap can
find it properly? I have openldap version 2.3.27 that was compiled using
openssl support on a Solaris 10 machine. Trying to do secure LDAP
transactions with ldapsearch results in SSL initialization failed: error -8192 (An I/O error
occurred during security authorization.) Trying to do raw ssl connects (using openssl s_client –connect)
fail saying it can’t find the local issuer certificate, but if I include
the –Cafile option to tell it exactly where the CA cert is, then it works
fine. My ldap.conf has the following entries, and I have double and
triple checked the paths and file names: TLS_REQCERT never TLS_CACERT /etc/sfw/openssl/certs/cacert.pem TLS_CACERTDIR /etc/sfw/openssl/certs -------------------------------------------------------------------- System Administrator (269) 337-7496 |