Jeff Gamsby wrote:
I am trying to get FDS 1.0.2 working in SSL mode. I am using a
OpenSSL
CA, I have installed the Server Cert and the CA Cert, can start FDS in
SSL mode, but when I run
ldapsearch -x -ZZ I get TLS trace: SSL3 alert write:fatal:unknown CA.
Did you
follow this -
http://directory.fedora.redhat.com/wiki/Howto:SSL
In /etc/ldap.conf, I have put in
TLS_CACERT /path/to/cert
Is this the same /path/to/cacert.pem as below?
TLSREQCERT allow
ssl on
ssl start_tls
If I run
openssl s_client -connect localhost:636 -showcerts -state -CAfile
/path/to/cacert.pem
It looks OK
Please help
Thanks