[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS verify errors

To: User1001 <supraexpress@globaleyes.net>, openldap-software@openldap.org
Subject: Re: TLS verify errors
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Thu, 16 Aug 2007 18:42:30 -0700
Content-disposition: inline
In-reply-to: <46C4FA17.7050909@globaleyes.net>
References: <9B07DB76E347F080E954C777@deus-ex.zimbra.com> <hbf.20070816uzsl@bombur.uio.no> <41AC2E967042466E75DA2690@[192.168.1.3]> <46C4FA17.7050909@globaleyes.net>

--On Thursday, August 16, 2007 8:29 PM -0500 User1001 <supraexpress@globaleyes.net> wrote:

Failure on just CAcert could be ownership/permission problems (file vs
app). If there is more than one CA in the "certificate chain", then a
single CAcert might not succeed. If OS X has "ktrace" (or equivalent), it
might help to identify what is being looked for when single CAcert
directive is used.

If you read my note, you'll see that I already showed that file permissions were not an issue. In any case, setting up roots .ldaprc had the same result in starting slapd -- it wouldn't start. And there is only the single ca.pem file in that directory, so it isn't a case of multiple CA certs, either.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

References:
- TLS verify errors
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: TLS verify errors
  - From: Hallvard B Furuseth <h.b.furuseth@usit.uio.no>
- Re: TLS verify errors
  - From: Quanah Gibson-Mount <quanah@zimbra.com>
- Re: TLS verify errors
  - From: User1001 <supraexpress@globaleyes.net>

Prev by Date: Re: TLS verify errors
Next by Date: Re: x-ordered extension doesn't work (openldap2-2.3.27)
Index(es):
- Chronological
- Thread