Re: Client says Can't contact LDAP server, but it can!
On Thu, Jul 24, 2008 at 03:14:33PM -0700, Howard Chu wrote:
> Just use -d1 on ldapsearch and you'll get the OpenSSL diagnostic messages.
Now we're getting somewhere!
It tells me:
TLS trace: SSL3 alert write:fatal:unknown CA
I'm using a self-signed certificate, and it worked just fine when this
machine was a master LDAP server. I moved /var/lib/ldap, created a new
/var/lib/ldap, added the syncrepl stuff, and started ldap. I've also
recreated my certificate a couple of different ways... I'm not sure if
this certificate needs to be 100% unique, or if the OU in the
certificate needs to be the same as the OU in the cert on the master
server, or ??? Neither worked, though.
--
***********************************************************************
* John Oliver http://www.john-oliver.net/ *
* *
***********************************************************************