Jeff Gamsby wrote: > I am trying to get FDS 1.0.2 working in SSL mode. I am using a OpenSSL > CA, I have installed the Server Cert and the CA Cert, can start FDS in > SSL mode, but when I run > ldapsearch -x -ZZ I get TLS trace: SSL3 alert write:fatal:unknown CA. Did you follow this - http://directory.fedora.redhat.com/wiki/Howto:SSL > > In /etc/ldap.conf, I have put in > TLS_CACERT /path/to/cert Is this the same /path/to/cacert.pem as below? > TLSREQCERT allow > ssl on > ssl start_tls > > If I run > openssl s_client -connect localhost:636 -showcerts -state -CAfile > /path/to/cacert.pem > > It looks OK > > Please help > > Thanks > -------------- next part -------------- A non-text attachment was scrubbed... Name: smime.p7s Type: application/x-pkcs7-signature Size: 3178 bytes Desc: S/MIME Cryptographic Signature Url : http://lists.fedoraproject.org/pipermail/389-users/attachments/20060602/f71155a8/attachment.bin
