[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: TLS/SSL and self-signed certificates
- To: Rick Stevens <rps2@socal.rr.com>
- Subject: Re: TLS/SSL and self-signed certificates
- From: Mathias Gug <mathiaz@ubuntu.com>
- Date: Thu, 9 Jul 2009 10:52:04 -0400
- Cc: OpenLDAP <openldap-software@openldap.org>
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:sender:received:in-reply-to :references:date:x-google-sender-auth:message-id:subject:from:to:cc :content-type:content-transfer-encoding; bh=3WKA7PeGX8kt2jFEOXn45PZn26Ar/tBR2kLjDdQYzw0=; b=R/PG27iXdVhUir6NptBMWy/7O9Vv3sTlK8WpTmix36P9dvEfDp5PT4X7FCoH409LmB H3VBUBn6LIBnyf2RCWTstpjmcHVySJgbKGpLPvsph16yfyIQ3xFOgqpjLo8vW4h05XVS ABMhJSBz84gcB+ALOiVZhSQEk17X7tijTL+9g=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:sender:in-reply-to:references:date :x-google-sender-auth:message-id:subject:from:to:cc:content-type :content-transfer-encoding; b=qTyXUng26MuWpKrUr3ZEmD19YqXS5DXiCuu9PpNNbejFUjzZwcjMg3j5wVD8kLLikA lJrUjTufsid6MAq4IaGGe7Hk4H5btUhFvQuefRKCOuIy9Wnn+6/K8YX6oBUWBan4GL3S dhLqjdx6KvEhR4HawBjr6jI4OYpb9eSd4UXCQ=
- In-reply-to: <4A553854.5050300@socal.rr.com>
- References: <4A553854.5050300@socal.rr.com>
Hi Rick,
On Wed, Jul 8, 2009 at 8:22 PM, Rick Stevens<rps2@socal.rr.com> wrote:
> I know this has been hashed over before, but I simply cannot get my
> LDAP clients to talk TLS/SSL to my LDAP server. I keep getting
>
> TLS certificate verification: Error, self signed certificate in
> certificate chain
>
> errors. A standard "openssl s_client" test works fine, but a client
> such as ldapsearch simply refuses to cooperate. I have the
> "tls_cacertdir" set to point at a directory that has a copy of every
> certificate I've created and it still won't work.
Could you outline which version of openldap and OS you're using?
--
Mathias Gug
Ubuntu Developer http://www.ubuntu.com