Hello all. I'm faced with an openssl issue I'm not sure how to debug. In the "/etc/ldap.conf" file on my RHEL server I've set "tls_checkpeer" to "yes", and find that running "openssl s_client -connect <ldapserver>:636 -showcerts -CAfile CA-certificate.crt" returns ok (i.e "verified), while issuing "getent passwd someuser" returns "TLS certificate verification: Error, certificate signature failure". Both "ldap.conf" and the openssl-command above points to the same "CA-certificate.crt" file. I don't understand how come the openssl command accepts the certificate, while the getent command doesn't. Any advice on how to proceed debugging this is greatly appreciated. Regards, Kenneth Holter -- redhat-list mailing list unsubscribe mailto:redhat-list-request@xxxxxxxxxx?subject=unsubscribe https://www.redhat.com/mailman/listinfo/redhat-list
