
Re: TLS issue with self-signed certificate

On 11/09/2012 07:37 AM, Luc MAIGNAN wrote:
On 09/11/2012 15:29, Rich Megginson wrote:
On 11/09/2012 06:08 AM, Luc MAIGNAN wrote:

I want to setup a LDAPS connection with a self signed certificate.

Unfortunately, I have the following error:

Peer's certificate issuer has been marked as not trusted by the user

I tried to trust it with: certutil -d ... -A -n 'CA' -t CT,,, -a -i ca.crt

But it doesn't change anything.

Does someone have an idea for me?

What is your platform?  What is your openldap version?  Are you using openldap for client, server, or both?

Best regards

I use openLDAP for both client and server.
My system is a Fedora 17, openldap 2.4.33

I think that the top problem is this one: TLS: cannot open certdb '/etc/openldap/cacerts', error -8018:Unknown PKCS #11 error
Any idea?

Is that error from the client or server?
check for permissions - ls -al /etc/openldap/cacerts
certutil -d /etc/openldap/cacerts -L
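
An added example, not part of the original thread: a small script that wraps the two checks suggested above and first reports what the directory actually holds, since `certutil -L` can only list an NSS database. The helper name `classify_certdb` is hypothetical; the file names are the standard ones for the NSS SQLite (`cert9.db`, `key4.db`) and legacy DBM (`cert8.db`, `key3.db`) formats.

```shell
#!/bin/sh
# Added example: classify what a TLS cert directory contains.
# classify_certdb is a hypothetical helper, not an OpenLDAP or NSS tool.
classify_certdb() {
    dir=$1
    if [ ! -d "$dir" ]; then
        echo "missing"; return 0
    fi
    # The process opening the db needs read and search permission on the dir.
    if [ ! -r "$dir" ] || [ ! -x "$dir" ]; then
        echo "unreadable"; return 0
    fi
    # NSS SQLite format: cert9.db + key4.db
    if [ -f "$dir/cert9.db" ] && [ -f "$dir/key4.db" ]; then
        echo "nss-sql"; return 0
    fi
    # NSS legacy DBM format: cert8.db + key3.db
    if [ -f "$dir/cert8.db" ] && [ -f "$dir/key3.db" ]; then
        echo "nss-dbm"; return 0
    fi
    # No NSS database files: look for PEM-style CA files instead.
    for f in "$dir"/*.pem "$dir"/*.crt "$dir"/*.0; do
        if [ -f "$f" ]; then
            echo "pem-dir"; return 0
        fi
    done
    echo "no-certs"
}

# Stand-alone use: sh check_certdb.sh /etc/openldap/cacerts
if [ "$#" -gt 0 ]; then
    kind=$(classify_certdb "$1")
    echo "$1: $kind"
    if [ -d "$1" ]; then
        ls -al "$1"          # the permission check from the thread
    fi
    if command -v certutil >/dev/null 2>&1; then
        case $kind in
            nss-sql) certutil -d "sql:$1" -L ;;
            nss-dbm) certutil -d "dbm:$1" -L ;;
            *) echo "no NSS database here; certutil -L has nothing to list" ;;
        esac
    fi
fi
```

Run it as the same user the failing client or server process runs as, because the readability result depends on who is asking.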