You need to install the CA chain on the client.
If the error you get is from openldap on the client, you need to install the CA
certificates manually in /etc/openldap/cacerts.
Regards
Bjarne Blichfeldt.
-----Original Message-----
From: Per Qvindesland [mailto:perq@me.com]
Sent: 29. juli 2017 12:10
To: FreeIPA users list <freeipa-users(a)lists.fedorahosted.org>
Subject: [Freeipa-users] Custom certificate
Hi All
I installed a custom signed certificate from QuoVadis. The install on the IPA server went
fine, but when I try to add a client (CentOS 6) it gives the error:
LDAP Error: Connect error: TLS error -8172:Peer's certificate issuer has been marked
as not trusted by the user.
The standard Google searching doesn’t give any answers, from what I can see.
Is there any workaround for this?
Regards
Per