Re: TLS headache

--On Monday, June 16, 2003 8:23 PM +0200 Dieter Kluenter <dieter@dkluenter.de> wrote:


> "José M. Fandiño" <ldap@fadesa.es> writes:
>
>> I'm trying to make a TLS connection work between ldap clients and slapd
>> but I always get an SSL error. The configuration can't be simpler.
>> I'm using a self-issued certificate.
>>
>> Please, can anyone tell me what's wrong with my configuration?
>
> OpenSSL requires a trusted certificate on each host, therefore you have to make a CA certificate (cacert.pem) available to your client applications. See the OpenSSL FAQ.

I have to say that after wrestling with self-signed certs in OpenLDAP for a few months (I did get it to work), I gave up on the whole thing and went to VeriSign certs because it was much less of a headache.
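
The trust relationship discussed in this thread, as an added example that is not part of the original messages: a server certificate issued by a self-made CA fails verification until the verifier is handed that CA's certificate (cacert.pem). The subject names, the other file names and the temporary directory are constructed for the demonstration.

```sh
#!/bin/sh
# Constructed demo: subjects, file names (except cacert.pem) and paths are made up.

# Build a throwaway CA and a server certificate signed by it.
# $1 = working directory
make_demo_pki() {
    dir=$1
    # Self-issued CA certificate: this is the file clients must be given.
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=Example Demo CA" \
        -keyout "$dir/cakey.pem" -out "$dir/cacert.pem" 2>/dev/null || return 1
    # Key and signing request for a hypothetical LDAP host.
    openssl req -new -newkey rsa:2048 -nodes \
        -subj "/CN=ldap.example.test" \
        -keyout "$dir/serverkey.pem" -out "$dir/server.csr" 2>/dev/null || return 1
    # The CA signs the server certificate.
    openssl x509 -req -in "$dir/server.csr" -days 1 \
        -CA "$dir/cacert.pem" -CAkey "$dir/cakey.pem" -CAcreateserial \
        -out "$dir/servercert.pem" 2>/dev/null || return 1
}

# Print "trusted" or "untrusted" for the server certificate.
# $1 = working directory, $2 = optional CA certificate file
check_server_cert() {
    cert="$1/servercert.pem"
    if [ -n "${2:-}" ]; then
        openssl verify -CAfile "$2" "$cert" >/dev/null 2>&1 \
            && { echo trusted; return 0; }
    else
        # Only the system default trust store is consulted here.
        openssl verify "$cert" >/dev/null 2>&1 \
            && { echo trusted; return 0; }
    fi
    echo untrusted
}

demo_dir=$(mktemp -d)
if make_demo_pki "$demo_dir"; then
    echo "without CA file: $(check_server_cert "$demo_dir")"
    echo "with cacert.pem: $(check_server_cert "$demo_dir" "$demo_dir/cacert.pem")"
fi
rm -rf "$demo_dir"
```

For OpenLDAP clients, the equivalent of `-CAfile` is the `TLS_CACERT` option in ldap.conf, pointed at the CA certificate file.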


