Re: Client says Can't contact LDAP server, but it can!
--On Monday, July 28, 2008 11:30 AM -0700 John Oliver
On Mon, Jul 28, 2008 at 09:20:23AM +0200, Buchan Milne wrote:
Or, ensure that the "CA certificate" that the clients use contains the
certificates of the issuer of both of the server certificates, and that
the value of the subject CN on both certificates matches the name you
use to connect to the servers.
openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
This generates a self-signed cert without a CA. That's part of the root of
your problem. By your own email, you have no concept of how SSL signing
and authority works. Yet you reject the advice that's been given out of
hand. Go back to the link I sent you, and set up your certs correctly,
with a valid self-generated CA, or do as others have suggested, stop using
SSL until you understand how it works.
Principal Software Engineer
Zimbra :: the leader in open source messaging and collaboration
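
The setup the replies above recommend, as an added example that is not part of the original thread: a self-generated CA signs one certificate per server, each with its subject CN set to the name clients connect to, and every certificate is then checked against the CA file. The hostnames, CA name and file names are assumptions, and 2048-bit keys are used in place of the 1024-bit key in the quoted command.

```shell
#!/bin/sh
# Added example, not from the thread. Hostnames, CA name and file names are assumptions.

# make_ca DIR: create a self-generated CA key and certificate in DIR.
make_ca() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 \
        -subj "/CN=Example LDAP CA" \
        -keyout "$1/ca.key" -out "$1/ca.pem" 2>/dev/null
}

# issue_cert DIR HOST: key and CSR with subject CN=HOST, signed by the CA in DIR.
issue_cert() {
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$2" \
        -keyout "$1/$2.key" -out "$1/$2.csr" 2>/dev/null &&
    openssl x509 -req -in "$1/$2.csr" -days 365 \
        -CA "$1/ca.pem" -CAkey "$1/ca.key" -CAcreateserial \
        -out "$1/$2.pem" 2>/dev/null
}

# self_signed DIR HOST: certificate with no CA behind it, like the quoted command
# (-subj added so it runs without prompts; key and cert kept in separate files).
self_signed() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 3650 -subj "/CN=$2" \
        -keyout "$1/$2.self.key" -out "$1/$2.self.pem" 2>/dev/null
}

# check_cert CAFILE CERT HOST: succeed only if CERT chains to CAFILE and names HOST.
check_cert() {
    openssl verify -CAfile "$1" -verify_hostname "$3" "$2" >/dev/null 2>&1
}

dir=$(mktemp -d) && make_ca "$dir"
for h in ldap1.example.com ldap2.example.com; do
    issue_cert "$dir" "$h"
    check_cert "$dir/ca.pem" "$dir/$h.pem" "$h" && echo "$h: trusted via ca.pem"
done
self_signed "$dir" ldap1.example.com
check_cert "$dir/ca.pem" "$dir/ldap1.example.com.self.pem" ldap1.example.com ||
    echo "self-signed: rejected, its issuer is not in ca.pem"
rm -rf "$dir"
```

Clients are then given ca.pem as their CA certificate file (for OpenLDAP clients, the TLS_CACERT setting in ldap.conf), and each server keeps its own key and signed certificate.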