[Date Prev][Date Next] [Chronological] [Thread] [Top]

Intermediate certificates not being sent

To: openldap-technical@openldap.org
Subject: Intermediate certificates not being sent
From: Nat Sincheler <fai1107@macrotex.net>
Date: Mon, 25 Jul 2016 10:06:23 -0700
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:45.0) Gecko/20100101 Thunderbird/45.2.0

We have an OpenLDAP server that is listening on port 636 over ldaps.When I run


  openssl s_client -showcerts -connect ldap-server:636

I only see the host certificate. The intermediate and root certificatesdo *not* come through.


For this server I have in the file slapd.d/cn=config.ldif the setting

olcTLSCACertificatePath: /etc/ssl/certs

I checked and all the intermediate and root certificates are in/etc/ssl/certs soft-linked via the usual OpenSSL rehash hash, e.g.,

lrwxrwxrwx 1 root root 42 Jul 14 19:03 b4261fc2.0 ->/etc/ssl/certs/incommon-usertrust-2024.pem

Any idea why the intermediate and root certificates do not get sent tothe LDAPS client? Is there something in the LDAP log that might give mea clue as to what is going on?

Follow-Ups:
- Antw: Intermediate certificates not being sent
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

Prev by Date: sizelimit
Next by Date: Antw: Intermediate certificates not being sent
Index(es):
- Chronological
- Thread