[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Problem with SSL/TLS



--On Monday, April 12, 2010 2:20 PM -0400 Lynn York <lynn.york@mavenwire.com> wrote:

TLS certificate verification: depth: 0, err: 18, subject:
/C=US/ST=Pennsylvania/L=King of Prussia/O=MavenWire,
LLC/OU=Support/CN=testing.com/emailAddress=mw-hosting-sysadmin@testing.co
m, issuer: /C=US/ST=Pennsylvania/L=King of Prussia/O=MavenWire,
LLC/OU=Support/CN=testing.com/emailAddress=mw-hosting-sysadmin@testing.com
TLS certificate verification: Error, self signed certificate
TLS trace: SSL3 alert write:fatal:unknown CA
TLS trace: SSL_connect:error in SSLv3 read server certificate B
TLS trace: SSL_connect:error in SSLv3 read server certificate B


The above error seems very clear to me. The CA for the offered cert is unknown. Either your CA path for OpenLDAP is wrong in your OpenLDAP ldap.conf file (which is set via the TLS_CACERT or TLS_CACERTDIR variables), or you've pointed at the wrong one, etc.

As has been noted numerous times to you so far /etc/ldap.conf is not the place you set these variables. You fail to show your /etc/ldap/ldap.conf (assuming that's the location of it) settings.

--Quanah

--

Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration