Re: TLS trace: SSL3 alert write:fatal:unknown CA

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Jeff Gamsby wrote:
I am trying to get FDS 1.0.2 working in SSL mode. I am using a OpenSSL CA, I have installed the Server Cert and the CA Cert, can start FDS in SSL mode, but when I run 
ldapsearch -x -ZZ  I get TLS trace: SSL3 alert write:fatal:unknown CA.

Did you follow this - http://directory.fedora.redhat.com/wiki/Howto:SSL


In /etc/ldap.conf, I have put in
TLS_CACERT /path/to/cert

Is this the same /path/to/cacert.pem as below?

TLSREQCERT allow
ssl on
ssl start_tls

If I run
openssl s_client -connect localhost:636 -showcerts -state -CAfile /path/to/cacert.pem 

It looks OK

Please help

Thanks

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux