I have this weird problem with TLS configuration. I have had this LDAP
server working for a long time, but without any use of TLS/SSL. So I
decided to set it up to use TLS. I created a server.pem that I placed in
/etc/ssl/openldap and configured slapd.conf and ldap.conf as I show later.
All seemed well if it wasn't for the following problem.
If I execute this command line:
ldapsearch -LLL -H ldaps://fqdn/ -x -D"cn=root,dc=dcc"
as root it works and with some other user it doesn't.
As root I get all my entries in my subtree (expected) and with any other
user I get:
ldap_bind: Can't contact LDAP server (81)
additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
(I'm only displaying the lines I added to my working configuration)
My slapd.conf contains the following lines:
and my /etc/ldap.conf contains the following lines:
ssl ssl start_tls