I've written a guide to get LDAPS working with self-signed certificates, which shows all the steps involved from certificate creation to LDAPS, from A to Z. The guide is located here:

http://www.csse.uwa.edu.au/~ashley/

Hope that helps.

Regards
Ashley

On Mon, 16 Apr 2007, Paolo Ercolani wrote:

> I want my Linux box logging in using LDAP on SSL with a self-signed
> certificate. I read a lot of documents, but I can't get over a problem.
>
> I created my own CA on my LDAP server and I'm signing my certificates. Then I
> requested a certificate for my client using Fedora directory browser, manage
> certificate's option. I signed it with my CA and then I put it on my client.
> I installed my CA in DS using the GUI.
> My DS seems to recognize, now, my certificate. In fact, it doesn't tell me
> anymore he doesn't recognize peer. It seems to go, on server side. I
> increased log level on client and now I can see these messages:
>
> TLS certificate verification: Error, self signed certificate in certificate chain
> TLS certificate verification: Error, invalid CA certificate
> TLS certificate verification: Error, unsupported certificate purpose
> TLS: unable to get peer certificate.
> request done: ld 0x83f2ee0 msgid 1
>
> I don't know what it is and I wanna tell you I used the howto on Fedora
> directory server's site for making and importing the self-signed certificate,
> but maybe I don't understand something....
>
> Can anyone help me with this please??
>
> Thanks in advance.
> Paolo

--
Ashley Chew - Systems Administrator
School of Computer Science and Software Engineering
University of Western Australia
Tel: (+61 8) 6488 7082 - Fax: (+61 8) 6488 1089
Ashley[@]csse.uwa.edu.au - http://www.csse.uwa.edu.au/~ashley
"There is no such thing as Fate, Fate is what you make of it!"