[Date Prev][Date Next]
RE: [seeking help] unknown CA
Great thanks to Tony and Howard!!!
to the ldap.conf and it now works like magic. Hope this is the correct
> RedHat's openldap rpms are extremely old, they still ship OpenLDAP 2.0.25.
> The OpenLDAP 2.0 client library didn't do certificate verification by
> default, which is why your Linux install "works" without any CA cert
> configuration. It is working, but it's not providing any real security. Set
> the TLS_CACERT in the OpenLDAP ldap.conf file. Don't use TLS_CACERTDIR unless
> you've read the OpenLDAP Admin Guide and the OpenSSL docs and actually know
> what you're doing.