Hi Richard,
 
Indeed it solved one of the problems, I didnt hash the ca certificte in the client side.
now i am getting new message
 
TLS: hostname does not match CN in peer certificate

 if i understand the meaning the CN and the hostname are not identical but thats not the situation now.

 
I have also tried the opensll s_client -debug -connect (the output is enclosed) 
seems that throgh the openssl it works fine, where am i wrong?
 
Can you see if you have any clue
great thanks  
Yoram


 
On 3/28/07, Richard Megginson <rmeggins@redhat.com > wrote:
Yoram Kahana wrote:
> Hi
>
> Does anyone has an idea on which format should i save the ca
> certificate in the clients (for SSL communication) ?
> Is it PEM, DER, BER
It depends - what client are you trying to configure?  Did you see this
- http://directory.fedora.redhat.com/wiki/Howto:SSL#Configure_LDAP_clients
>
>
> Thanks in advance
>
> Yoram
> ------------------------------------------------------------------------
>
> --
> Fedora-directory-users mailing list
> Fedora-directory-users@redhat.com
> https://www.redhat.com/mailman/listinfo/fedora-directory-users
>

--
Fedora-directory-users mailing list
Fedora-directory-users@redhat.com
https://www.redhat.com/mailman/listinfo/fedora-directory-users