[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAPS connection failing with a "TLS accept failure error -1"



Marcelo de Moraes Serpa <celoserpa@gmail.com> writes:

> Hello all,
>
> I hope someone could help me -- I'm trying for almost one whole day already
> and couldn't get LDAP over SSL to work, without success.
[...]
> I have generated a self-signed certificate using this command:
>
> sudo openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout
> server.pem -days 3650
[...]

This is not the proper way to create a certificate chain.
1. create a certificate authority
2. create a server certificate
3. sign the server certificate with the CA
4. extract the password from server certificate into a key

You may use tinyCA to create the chain
http://tinyca.sm-zone.net/index.html

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6