[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap tls problem

To: openldap-software@openldap.org
Subject: Re: openldap tls problem
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Fri, 12 Sep 2008 17:09:29 +0200
In-reply-to: <1221218511.2280.22.camel@its-fischer> (Michael Fischer's message of "Fri, 12 Sep 2008 13:21:51 +0200")
References: <1221218511.2280.22.camel@its-fischer>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b28 (linux)

Michael Fischer <michi.fischer@gmx.net> writes:

> hi,
>
> i hope this is the right list for my problem, if not sorry in advance.
>
> i want to configure slapd to use tls. i have a certifikate signed by
> globalsign and the following lines in my slapd.conf:

[...]
> TLS trace: SSL_connect:before/connect initialization
> TLS trace: SSL_connect:SSLv2/v3 write client hello A
> TLS trace: SSL_connect:SSLv3 read server hello A
> TLS certificate verification: depth: 2, err: 19, subject: /C=US/O=GTE
> Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global
> Root, issuer: /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions,
> Inc./CN=GTE CyberTrust Global Root
> TLS certificate verification: Error, self signed certificate in
> certificate chain
> TLS trace: SSL3 alert write:fatal:unknown CA

The ldap client has no knowledge of the CA, edit ldap.conf(5) or .ldaprc
appropriately.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E

References:
- openldap tls problem
  - From: Michael Fischer <michi.fischer@gmx.net>

Prev by Date: Re: openldap tls problem
Next by Date: Re: Got Search entry without sync control
Index(es):
- Chronological
- Thread