> > [root at test]# ldapsearch -x -ZZ '(uid=testuser)' > ldap_start_tls: Connect error (-11) > additional info: TLS:hostname does not match CN in peer > certificate > > > How can I solve ? The server hostname you pass to ldapsearch must exactly match the CN in the certificate you signed for the server. So, if you signed the certificate with a fully-qualified domainname (e.g. ldaphost.example.com), use "-h ldaphost.example.com" instead of "-h ldaphost". Alex aka Magobin wrote: > Hi, > After with your help, succesfully configured replication between server > I take a look to configure client's authentication through ldap > server...I have 2 question: > > 1) Is it possible add a user directly from fedora ds as posix user using > groups from server?..I don't know is groups is integrated with > system...is it possible to add server groups to Fedora DS groups? > > 2) Reading ssl howto I export CA certificate to client(fedora core5) > in /etc/openldap/cacerts....(some of steps in ssl howto are > automatically generated from fedora core 5 as installing in cacerts > directory in x509 mode) but when I try to check if ssl is enable the > answer is: > > [root at test]# ldapsearch -x -ZZ '(uid=testuser)' > ldap_start_tls: Connect error (-11) > additional info: TLS:hostname does not match CN in peer > certificate > > > How can I solve ? > > Alex > > > -- > Fedora-directory-users mailing list > Fedora-directory-users at redhat.com > https://www.redhat.com/mailman/listinfo/fedora-directory-users > >
