Jon C Kidder wrote: > TLS trace: SSL_connect:SSLv3 read server hello A > TLS certificate verification: depth: 1, err: 19, subject: […] > TLS certificate verification: Error, self signed certificate in certificate chain > TLS trace: SSL3 alert write:fatal:unknown CA I think this messages are pretty clear. Something's wrong on your back-ldap proxy with validating the target server's certificate. It's a pretty good idea to verify first on the command-line: openssl s_client -connect ldap.example.com:636 -CAfile /path/to/rootca.crt LDAPTLS_CACERT=/path/to/rootca.crt ldapwhoami ldaps://ldap.example.com Ciao, Michael.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature