all set, not sure why, but changing line in /etc/openldap/ldap.conf to TLS_CACERT /etc/openldap/cacerts/cacert.pem took care of it; thanks again. Aaron ________________________________ From: fedora-directory-users-bounces at redhat.com [mailto:fedora-directory-users-bounces at redhat.com] On Behalf Of Bliss, Aaron Sent: Tuesday, January 17, 2006 7:47 PM To: fedora-directory-users at redhat.com Subject: weird error when querying directory server this works great from a redhat 4 box, however from my redhat 3 box I receive the following error: ldapsearch -x -ZZ '(uid =azb)' ldap_start_tls: Connect error additional info: Start TLS request accepted.Server willing to negotiate SSL. relevant entries of /etc/ldap.conf look like this: pam_password md5 ssl start_tls ssl on tls_cacertfile /etc/openldap/cacerts/cacert.pem tls_cacertdir /etc/openldap/cacerts/ client has read and execute to the ca certificate relavent entries of /etc/openldap/ldap.conf TLS_CACERTDIR /etc/openldap/cacerts TLS_REQCERT allow I'm just trying to verify that ssl logins are working from the redhat 3 box; secure logins from the redhat 4 box work fine. Thanks very much for your help. Aaron www.preferredcare.org "An Outstanding Member Experience," Preferred Care HMO Plans -- J. D. Power and Associates Confidentiality Notice: The information contained in this electronic message is intended for the exclusive use of the individual or entity named above and may contain privileged or confidential information. If the reader of this message is not the intended recipient or the employee or agent responsible to deliver it to the intended recipient, you are hereby notified that dissemination, distribution or copying of this information is prohibited. If you have received this communication in error, please notify the sender immediately by telephone and destroy the copies you received. -------------- next part -------------- An HTML attachment was scrubbed... URL: http://lists.fedoraproject.org/pipermail/389-users/attachments/20060117/8ad8a184/attachment.html
