
Re: Ubuntu Server 12.04: StartTLS


On November 4, 2012 11:13:27 PM admus wrote:
> Hello,
> I'm following
> https://help.ubuntu.com/12.04/serverguide/openldap-server.html#openldap-tls-replication
> how to: LDAP server starts correctly but when I try to test
> StartTLS:
> ldapsearch -x -H ldap:/// -ZZ -d -1
> I get the following error:
> TLS: peer cert untrusted or revoked (0x42)
> TLS: can't connect: (unknown error code).
> ldap_err2string
> ldap_start_tls: Connect error (-11)
>     additional info: (unknown error code)
> Any idea?

Have you verified your certificate? What is the output of:

openssl s_client -connect ldap1.example.com:636 -showcerts

Or, on the server itself, you can dump the cert info:

cat ldap-cert.pem | openssl x509 -text
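
An added example, not part of the original message: an offline version of the certificate check suggested above, testing the three things a StartTLS client needs from the server certificate (it chains to the CA the client trusts, it has not expired, and its name matches the host being contacted). The function name `check_ldap_cert` and the CA file name `cacert.pem` are assumptions; `ldap-cert.pem` and `ldap1.example.com` are the names used in the thread.

```shell
#!/bin/sh
# Added example (not from the thread): offline sanity checks on an LDAP
# server certificate, using only the openssl command line tool.
#
# Usage: check_ldap_cert CA_FILE CERT_FILE HOSTNAME
#   CA_FILE   - PEM file with the CA the client is told to trust
#               (for OpenLDAP clients, the file named by TLS_CACERT in ldap.conf)
#   CERT_FILE - PEM file with the server certificate (e.g. ldap-cert.pem)
#   HOSTNAME  - name the client connects to (e.g. ldap1.example.com)
#
# Return codes: 0 all checks pass, 1 chain does not verify,
#               2 certificate expired, 3 hostname does not match.
check_ldap_cert() {
    ca=$1
    cert=$2
    host=$3

    # 1. Chain of trust: a client that cannot build this chain reports
    #    the peer certificate as untrusted.
    if ! openssl verify -CAfile "$ca" "$cert" >/dev/null 2>&1; then
        echo "FAIL: $cert does not verify against $ca" >&2
        return 1
    fi

    # 2. Validity period: -checkend 0 fails if the cert has already expired.
    if ! openssl x509 -in "$cert" -noout -checkend 0 >/dev/null 2>&1; then
        echo "FAIL: $cert has expired" >&2
        return 2
    fi

    # 3. Name check: openssl prints "does match" or "does NOT match".
    if ! openssl x509 -in "$cert" -noout -checkhost "$host" 2>/dev/null \
            | grep -q 'does match'; then
        echo "FAIL: $cert is not valid for host $host" >&2
        return 3
    fi

    echo "OK: $cert chains to $ca, is in date, and matches $host"
    return 0
}

# Run directly as: sh check.sh cacert.pem ldap-cert.pem ldap1.example.com
if [ "$#" -eq 3 ]; then
    check_ldap_cert "$@"
fi
```
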