[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: problem SSL authentication

Have you edited ldap.conf to tell ldapsearch where the CA certificate is?
TLS_CACER=path to CA cert.

If you have done that step then
run ldapsearch in debug mode and it will tell you if it successfully read the CA file.

On May 26, 2004, at 5:01 PM, Antonio Ruiz Martínez wrote:


Thanks for your answer.

Dave Lewney wrote:

Antonio Ruiz Martínez wrote:

I'm doing a search with ldapsearch. My server is configurated in
order to do a SSL connection but it is not necessary a client
authentication. However when I execute the command
ldapsearch -b "ou=USERS,o=ARM'S PKI,c=ES" -LLL -D
"cn=ARM,ou=USERS,o=ARM'S PKI,c=ES" -H ldaps://micropeich.dif.um.es -ZZ

It seems the server is requesting the user certificate because I'm
getting the following:

ldap_start_tls: Can't contact LDAP server (81)
        additional info: error:14090086:SSL
:certificate verify failed