On 11-09-16 3:57 AM, vijay s sheelavantar wrote:
I am trying to configure LDAP Client/server on 2 Fedora-10 linux
I have installed and configured openldap-2.4.26 server on one
machine and pam_ldap-186, nss_ldap-265 on the other machines.
I have created the TLS certificates using following command on
openssl req -newkey rsa:1024 -x509 -nodes -out server.pem -keyout server.pem -days 3650
and I have created the client.pem by copying CERTIFICATE portion
of the server.pem.
When my client tries to connect to the server I get the following
TLS trace: SSL3 alert read:fatal:unknown CA
TLS trace: SSL_accept:failed in SSLv3 read client
TLS: can't accept: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca.
connection_read(12): TLS accept failure error=-1 id=1012,
connection_closing: readying conn=1012 sd=12 for close
connection_close: conn=1012 sd=12
daemon: removing 12
conn=1012 fd=12 closed (TLS negotiation failure)
My Configurations are as follows.
access to attrs=userPassword
by self write
by anonymous auth
by * none
access to *
by * read
#TLS Certificate section
and client side ldap.conf
passwd: files ldap
shadow: files ldap
group: files ldap
netgroup: files ldap
automount: files ldap
I am not getting why it is saying Unknown ca. even though the
certificate is created on server machine itself.
Kindly help me to solve this problem.
you may try this
ln -s client.pem `openssl x509 -noout -hash -in client.pem`.0
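
Added example, not part of the thread: what the `ln -s` command in the reply does for an OpenSSL CA directory lookup, assuming the client is pointed at a certificate directory rather than a single CA file. The temporary paths, the CN and the helper names are constructed for the demo.

```shell
#!/bin/sh
# Added demo. Paths, the CN and the helper names are constructed.

# make_cert DIR: self-signed certificate and key, as in the post
# (2048-bit key and a 1-day lifetime here, for the demo only).
make_cert() {
    openssl req -newkey rsa:2048 -x509 -nodes -days 1 \
        -subj "/CN=ldap.example.test" \
        -keyout "$1/server.key" -out "$1/server.crt" 2>/dev/null
}

# hash_link CADIR CERT: the reply's command, run inside CADIR. OpenSSL's
# directory lookup only opens files named <subject-hash>.<n>.
hash_link() {
    ( cd "$1" && ln -s "$2" "$(openssl x509 -noout -hash -in "$2").0" )
}

# trusted CADIR CERT: true if CERT verifies with CADIR as the CA directory.
# Checks for the ": OK" line that openssl verify prints on success.
trusted() {
    openssl verify -CApath "$1" "$2" 2>/dev/null | grep -q ': OK$'
}

# demo: prints the verification state before and after the hash link exists.
demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/cacerts"
    make_cert "$tmp" || return 1
    # Same certificate, copied under the name used in the thread.
    cp "$tmp/server.crt" "$tmp/cacerts/client.pem"
    if trusted "$tmp/cacerts" "$tmp/server.crt"; then
        before=trusted
    else
        before=unknown-ca
    fi
    hash_link "$tmp/cacerts" client.pem
    if trusted "$tmp/cacerts" "$tmp/server.crt"; then
        after=trusted
    else
        after=unknown-ca
    fi
    rm -rf "$tmp"
    echo "$before -> $after"
}

demo
```

The certificate file is present in the directory in both checks; only the hash-named link changes the result.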