[Date Prev][Date Next]
RE: TLS questions...
Yes, this has been done to death.
You need to tell the SSL client what CA certificates it should trust.
-- Howard Chu
Chief Architect, Symas Corp. Director, Highland Sun
Symas: Premier OpenSource Development and Support
> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Peter Lavender
> Hi everyone,
> I know this has been done to death, but I'm really struggling to get
> ldaps to work on my system.
> Following various howtos and the like I have a CA, I have created a
> key and certificate for the ldap server, however it continues to fail
> on connection.
> Here is the output from a client connection:
> root@hppa/etc/ssl/CA # openssl s_client -connect ldap.sspl.net.au:636
> Root CA
> verify error:num=19:self signed certificate in certificate chain
> verify return:0
> 24994:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake
> I haven't been able to find any info that I can use to help resolve
> this problem.
> Should I head over to the openssl mailing lists and ask this?