Hi,
I would like to open a discussion with OpenLDAP team. I hope this is the right email address. If not please let me know the correct to which this mail should be directed to.
Issue:
We are currently using OpenLdap 2.4.16 version on Win 64 .We are using RSA and MES Shareadapter internally to build the openldap libs.
I am getting the below error when I use Sha-256 (2048 key length) certificates:
ldap_sasl_bind_s: Can't contact LDAP server (-1) error:14090086:SSL routines: SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
I am using the option LDAP_OPT_X_TLS_CACERTDIR and pass the cert directory which has the certificates. This fails.
But the same passes when I use LDAP_OPT_X_TLS_CACERTFILE and point to the certicate which is of .pem format.
Can you please let me know I am missing something here or is this a bug?
Any help on this is appreciated.
Thanks
Anitha