[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem with ldapsearch/TLS ( or Fedora Core 2?? )

To: Barrow H Kwan <bhkwan@thoughtworks.com>
Subject: Re: problem with ldapsearch/TLS ( or Fedora Core 2?? )
From: Jeff Warnica <jeffw@chebucto.ns.ca>
Date: Fri, 22 Oct 2004 21:50:32 -0300
Cc: OpenLdap Software List <openldap-software@OpenLDAP.org>
In-reply-to: <OFA6AA1220.F8AD934E-ON88256F35.000C79F8-88256F35.000C80FC@thoughtworks.com>
References: <OFA6AA1220.F8AD934E-ON88256F35.000C79F8-88256F35.000C80FC@thoughtworks.com>

On Thu, 2004-21-10 at 19:16 -0700, Barrow H Kwan wrote
> 
> [root@myhost root]# ldapsearch -H ldap://myhost.domain.com -D
> uid=user1,ou=People,dc=Corporate,dc=Domain,dc=COM -x -W -ZZ 
> ldap_start_tls: Connect error (91) 
>        additional info: error:14090086:SSL
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 
<snip>
> : is it a problem with ldapsearch ? 


Unlikely. Does ldapsearch know about your CA certs? Note
that /etc/ldap.conf is for pam/nss _only_, everything else uses,
ie, /erc/openldap/ldap.conf ... at least with all the RH/Fedora RPMs.

If that doesn't work, run ldapsearch with "-d -1" and see if that gives
any hits.

Follow-Ups:
- Re: problem with ldapsearch/TLS ( or Fedora Core 2?? )
  - From: Barrow H Kwan <bhkwan@thoughtworks.com>

References:
- problem with ldapsearch/TLS ( or Fedora Core 2?? )
  - From: Barrow H Kwan <bhkwan@thoughtworks.com>

Prev by Date: Re: OpenLDAP Replication
Next by Date: Re: problem with ldapsearch/TLS ( or Fedora Core 2?? )
Index(es):
- Chronological
- Thread