[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: can't use godaddy SSL cert

To: openldap-technical@openldap.org
Subject: Re: can't use godaddy SSL cert
From: DT Piotr Wadas <pwadas@dtpw.pl>
Date: Thu, 25 Nov 2010 18:04:40 +0100 (CET)
In-reply-to: <AANLkTinm3i0bwh+fDMVQkEQ-PwtaNdNfqJnWb0KU0EqJ@mail.gmail.com>
References: <AANLkTinm3i0bwh+fDMVQkEQ-PwtaNdNfqJnWb0KU0EqJ@mail.gmail.com>

On Thu, 25 Nov 2010, bluethundr wrote:

> Hey list,
> 
>  I was having a similar SSL/openLDAP problem to this last week. I had
> a chance to look at this again today and it still appears to not be
> working. I called godaddy and had the last cert cancelled and reissued
> as I had mis-typed the name of the CN on the last one.
> 
>  I am trying to setup a Godaddy turbo SSL certificate with an openLDAP
> 2.4 server under FreeBSD 8.1.
> 
> [root@LBSD2:/usr/home/bluethundr]#pkg_info | grep openldap
> openldap-sasl-client-2.4.23 Open source LDAP client implementation
> with SASL2 support
> openldap-sasl-server-2.4.23 Open source LDAP server implementation
> 

I bet you better check filenames, and permissions of cacert, client cert,
and key file. And certification chain. using openssl s_client provide full 
path to certificate file. CA Certificate, certification chain, keyfile and 
client certificate are, as you know, different things, also check default 
client cert location in /etc/ldap/ldap.conf and server cert in slapd.conf,
etc. ( man 5 ldap.conf ). Also investigate TLS_REQCERT option, subject of 
certificate's key file's password. And probably, if interested, CRL usage 
and purpose.. 
I must admit I didn't read your post with appropriate attention, but, 
regarding mis-type you mentioned, I bet it's permissions and default 
file locations related.

Regards,
DT

References:
- can't use godaddy SSL cert
  - From: bluethundr <bluethundr@gmail.com>

Prev by Date: can't use godaddy SSL cert
Next by Date: Re: Problem when trying to authenticate squid with openldap server
Index(es):
- Chronological
- Thread