Re: 2.1.22 not accepting self-signed SSL cert

[Jochen Laser <jochen.laser@orangetraining.de>]

On Mon, 3 Nov 2003 19:23:45 -0600 (CST)
<adamtheo@theoretic.com> wrote:

> Quanah Gibson-Mount wrote:
> >Your client hosts need the appropriate settings in ldap.conf to accept the
> >cert on the OpenLDAP server which would point to the CA cert for your
> >self-signed certs.
> 
> I have included the TLS_CACERT directive in my /etc/ldap.conf but I am
> still getting the same results. Ant other debugs I can provide? Thanks.
> 

 I experienced the same,but as I understand this now, this "bug" is a feature 
 that didn't make it  into the documentation of 2.1.22. 

 You might want to have a look at ITS #2697 where this is discussed. 
 These TLS_* Options are "user-only" and  must be
 specified in the ldprc files or the environment rather than in /etc/.../ldap.conf 

 Yours:
 Jochen
 



-- 
Jochen Laser --------------------------------------------------------------  
Fliederweg 2a                  |~    email: jochen.laser@orangetraining.de 
D-19288 Woebbelin           /     \   
fon   : (+49)62216599390                      http://www.orangetraining.de        
fax   : (+49)62216599391    \     /          
mobile: (+49)01731082916       ~      -------------------------------------