[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Trying to get TLS Working

man, 27.09.2004 kl. 23.44 skrev David Wheeler:

> Pardon my newbie-ness. I'm setting up my new OpenLDAP server to  
> authenticate for Subversion and, eventually other things (postfix,  
> Bricolage, RT, etc.). But right now I'm running into trouble getting  
> TLS to work, both with the ldap clients and with  
> mod_auth_ldap/mod_ldap. Here's an example:
>    % ldapsearch -x -b 'dc=example,dc=com' -D  
> "cn=admin,dc=example,dc=com" \
>      -h ldap.example.com -w password -ZZ '(objectclass=*)'
>    ldap_start_tls: Connect error (-11)
>            additional info: error:14090086:SSL  
> routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
> I set up my certificates according to the instructions on this handy  
> page:

If you just set up a perfectly normal server cert signed by a perfectly
normal (self-generated) CA cert as described in Kent Soper's HOWTO, what
happens then? That's how I make mine. Postfix, Apache, Openldap, all
work with the one, same, server cert.


«Livet er ein gamp», sa øyken.
I can confirm this.

mail: tonye@billy.demon.nl

They love us, don't they, They feed us, won't they