TLS/SSL and self-signed certificates



I know this has been hashed over before, but I simply cannot get my
LDAP clients to talk TLS/SSL to my LDAP server.  I keep getting

	TLS certificate verification: Error, self signed certificate in
	certificate chain

errors.  A standard "openssl s_client" test works fine, but a client
such as ldapsearch simply refuses to cooperate.  I have the
"tls_cacertdir" set to point at a directory that has a copy of every
certificate I've created and it still won't work.

The certificates were created based on the instructions at:

	http://www.openldap.org/faq/data/cache/185.html

as specified in the admin manual.  I'm the first to admit I'm not an
SSL guy, but this has got me stumped!  I'll be happy to provide whatever
bits of the various config files you need.

Help me Obi-Wan Kenobi!
----------------------------------------------------------------------
- Rick Stevens, Unix Geek                          rps2@socal.rr.com -
-                                                                    -
- Treat each day as if it's your last...a lot of crying and whining  -
-      usually gets you what you want!              -- Sam Sledge    -
----------------------------------------------------------------------