[Date Prev][Date Next]
Re: TLS verify errors
--On Thursday, August 16, 2007 2:42 PM +0200 Hallvard B Furuseth
Quanah Gibson-Mount writes:
If I change it to TLS_CACERTDIR and adjust to a path, (...)
If I remember correctly TLS_CACERTDIR needs to be set up with some
OpenSSL magic, it's not just a directory into which you can drop
certificate files. Maybe the reverse is true as well, and a cert
from a TLS_CACERTDIR does not work in TLS_CACERT.
Thank you both for your responses. Interestingly enough, slapd will start,
and STARTTLS will work, if I create the hash and use TLSCACERTDIR.
However, why won't it work if I use TLS_CACERT <file> ? It should be
perfectly valid, and that actually works for me on every other platform I
use (Linux). The only one where this doesn't work is on MAC OS X. Must be
a Mac specific bug I guess.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration