[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap tls problem



Michael Fischer <michi.fischer@gmx.net> writes:

> hi,
>
> i hope this is the right list for my problem, if not sorry in advance.
>
> i want to configure slapd to use tls. i have a certifikate signed by
> globalsign and the following lines in my slapd.conf:

[...]
> TLS trace: SSL_connect:before/connect initialization
> TLS trace: SSL_connect:SSLv2/v3 write client hello A
> TLS trace: SSL_connect:SSLv3 read server hello A
> TLS certificate verification: depth: 2, err: 19, subject: /C=US/O=GTE
> Corporation/OU=GTE CyberTrust Solutions, Inc./CN=GTE CyberTrust Global
> Root, issuer: /C=US/O=GTE Corporation/OU=GTE CyberTrust Solutions,
> Inc./CN=GTE CyberTrust Global Root
> TLS certificate verification: Error, self signed certificate in
> certificate chain
> TLS trace: SSL3 alert write:fatal:unknown CA

The ldap client has no knowledge of the CA, edit ldap.conf(5) or .ldaprc
appropriately.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6
53°08'09,95"N
10°08'02,42"E