[Date Prev][Date Next] [Chronological] [Thread] [Top]

[seeking help] unknown CA - p.s.

I want to add that the new failing web server that I compiled shows "bad
checksum" while the successful one does not. Would this affect the result?


On Fri, 26 Sep 2003, Ben Kim wrote:

> Hi,
> I have a php script authenticating user against an ldap server (not under
> my control) which I know has no problem.
> But when I use it on my newly compiled server, it cannot bind with ldaps
> protocol. Packet traces show the following exchange.
> - client: Client Hello
> - server: Server Hello, Certificate, Server Hello Done
> - client: Alert (Level: Fatal, Description: Unknown CA)
> On google, it seems to be one of the standard error strings: 
> "   "CA"/"unknown CA"
>           A valid certificate chain or partial chain was received, but
> the certificate was not accepted because the CA certificate could not be
> located or couldn't be matched with a known, trusted CA. This message
> is always fatal."
> My question is, how can I fix this problem? I checked the configuration of
> another machine on which this script works perfectly, but cannot easily
> find the difference.
> Any insight would be appreciated.
> Thanks.
> Ben