RE: TLS fails
That makes sense as I am using the self-signed method described in section
4.1. The problem I have is I am on Fedora Core 4 and there is no CA.sh
script like described in section 4.2, which I imagine would make things
happy. I assume there is a manual way to do this without the script. If
anyone has a link to a HowTo to set up a CA in Fedora without the CA.sh
script, I would be most appreciative. In the meantime, it is off to Google.
Thanks!
________________________________________
Chip Burke
-----Original Message-----
From: Jon Roberts [mailto:jon@jonanddeb.net]
Sent: Friday, February 03, 2006 2:01 PM
Cc: Chip Burke; OpenLDAP-software@OpenLDAP.org
Subject: Re: TLS fails
Aaron Richton wrote:
> Sounds like you're on the right track with the server. But I see no note
> of using ldap.conf or .ldaprc to set TLS_CACERT directive for your client.
> See ldap.conf(5).
For a local CA, you will also want the line:
TLSCACertificateFile /path/to/your/cacert.pem
in your slapd.conf file. The error message you are getting indicates
that you are not finding the CA for verification.
Jon Roberts
www.mentata.com
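
A manual equivalent of the CA setup asked about above, as an added example that is not part of the original thread: it creates a local CA with the openssl CLI, signs a server certificate with it, checks the chain, and prints the TLSCACertificateFile and TLS_CACERT lines that point server and client at the CA. The hostname, subject names, file names and function names are constructed, and the openssl command is assumed to be installed.

```shell
#!/bin/sh
# Added example: local CA without CA.sh. All names and paths are constructed.

# make_ca DIR: write a minimal config, then a self-signed CA key + cert in DIR.
make_ca() {
    cat > "$1/ca.cnf" <<'EOF'
[req]
distinguished_name = dn
x509_extensions = v3_ca
prompt = no
[dn]
CN = Example Local CA
[v3_ca]
basicConstraints = critical,CA:TRUE
EOF
    # -nodes leaves the CA key unencrypted; restrict its file permissions.
    openssl req -x509 -new -newkey rsa:2048 -nodes -days 365 \
        -config "$1/ca.cnf" \
        -keyout "$1/cakey.pem" -out "$1/cacert.pem" 2>/dev/null
}

# issue_server_cert DIR HOSTNAME: make a server key + CSR, sign it with the CA.
issue_server_cert() {
    openssl req -new -newkey rsa:2048 -nodes -config "$1/ca.cnf" \
        -subj "/CN=$2" \
        -keyout "$1/serverkey.pem" -out "$1/server.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/server.csr" -days 365 \
        -CA "$1/cacert.pem" -CAkey "$1/cakey.pem" -CAcreateserial \
        -out "$1/servercert.pem" 2>/dev/null
}

# verify_with_ca CAFILE CERT: succeeds only if CERT chains to CAFILE.
# This is the check that fails when the CA certificate cannot be found.
verify_with_ca() {
    openssl verify -CAfile "$1" "$2" >/dev/null 2>&1
}

# config_lines DIR: first three lines go in slapd.conf, the last in ldap.conf.
config_lines() {
    printf 'TLSCACertificateFile %s/cacert.pem\n' "$1"
    printf 'TLSCertificateFile %s/servercert.pem\n' "$1"
    printf 'TLSCertificateKeyFile %s/serverkey.pem\n' "$1"
    printf 'TLS_CACERT %s/cacert.pem\n' "$1"
}

# Demo in a scratch directory (constructed hostname).
dir=$(mktemp -d)
make_ca "$dir" && issue_server_cert "$dir" ldap.example.com &&
    verify_with_ca "$dir/cacert.pem" "$dir/servercert.pem" &&
    echo "server cert chains to local CA" && config_lines "$dir"
```

The CN passed to issue_server_cert should be the hostname that clients use to reach the server.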