On 11/09/2012 08:09 AM, Luc MAIGNAN wrote:
Le 09/11/2012 15:51, Rich Megginson a
écrit :
On 11/09/2012 07:37 AM, Luc MAIGNAN wrote:
Le 09/11/2012 15:29, Rich
Megginson a écrit :
On
11/09/2012 06:08 AM, Luc MAIGNAN wrote:
Hi,
I want to setup a LDAPS connection with a self signed
certificate.
Unfortunaly, I have the following error :
Peer's certificate issuer has been marked as not trusted
by the user
I tried to trust is by a : certutil -d ... -A -n 'CA' -t
CT,,, -a -i ca.crt
But it doen't change anything.
Has someone an idea for me ?
What is your platform? What is your openldap version? Are
you using openldap for client, server, or both?
Best regards
I use openLDAP for both client and server.
My system is a Fedora 17, openldap 2.4.33
I think that the top propblem is this one : TLS: cannot
open certdb '/etc/openldap/cacerts', error -8018:Unknown
PKCS #11 error
Idea ?
Is that error from the client or server?
check for permissions - ls -al /etc/openldap/cacerts
certutil -d /etc/openldap/cacerts -L
BR
all in /etc/openldap is owned by ldap
certutil -d /etc/openldap/cacerts -L gives
Certificate Nickname Trust
Attributes
SSL,S/MIME,JAR/XPI
CA CT,,
Can you provide the output of
LDAPTLS_CACERTDIR=/etc/openldap/cacerts ldapsearch -d 1 -xLLL -s
base -b ""
showing the attempt to open the key/cert db in
/etc/openldap/cacerts?
|