duramaxlb7@gmail.com wrote:
> Master log file when slapo-chain runs
> TLS: can't accept: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca.
> Slave log file when slapo-chain runs
> TLS: can't connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed.

To me both messages look like the trusted CA cert (directory) is not properly configured.

> I had the same problem with LUMA and that problem went away when I put the starttls=critical in the chain-idassert-bind

Hmm, are you sure you didn't add "tls_cacertdir=/etc/openldap/cacerts" to chain-idassert-bind at the same time when testing?
Ciao, Michael.
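
Added example, not part of the original message: a small decoder for the two OpenSSL error lines quoted above, showing which host's CA configuration actually rejected a certificate. It assumes the pre-3.0 OpenSSL error-code packing (8-bit library, 12-bit function, 12-bit reason); the names `decode` and `hosts_to_check` are hypothetical.

```python
import re

# Sample input: the two log lines quoted in the message above.
MASTER = "TLS: can't accept: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca."
SLAVE = ("TLS: can't connect: error:14090086:SSL routines:"
         "SSL3_GET_SERVER_CERTIFICATE:certificate verify failed.")

LINE = re.compile(
    r"TLS: can't (accept|connect): error:([0-9A-Fa-f]{8}):([^:]+):([^:]+):(.+?)\.?$")
ALERT_OFFSET = 1000        # OpenSSL adds 1000 to the number of an alert received from the peer
ALERTS = {42: "bad_certificate", 46: "certificate_unknown", 48: "unknown_ca"}  # TLS alert subset
CERT_VERIFY_FAILED = 134   # SSL_R_CERTIFICATE_VERIFY_FAILED


def decode(line):
    """Split one slapd TLS error line into role, packed code fields and the verifying side."""
    m = LINE.search(line.strip())
    if not m:
        raise ValueError("not an OpenSSL TLS error line")
    code = int(m.group(2), 16)
    # Assumption: pre-3.0 packing, (lib << 24) | (func << 12) | reason.
    info = {"role": m.group(1), "lib": code >> 24, "func": (code >> 12) & 0xFFF,
            "reason": code & 0xFFF, "text": m.group(5), "alert": None}
    if info["reason"] >= ALERT_OFFSET:
        # The peer sent a fatal alert, so the peer's verification failed.
        number = info["reason"] - ALERT_OFFSET
        info["alert"] = ALERTS.get(number, str(number))
        info["verifier"] = "peer"
    elif info["reason"] == CERT_VERIFY_FAILED:
        info["verifier"] = "local"   # this host could not build a trusted chain
    else:
        info["verifier"] = "unknown"
    return info


def hosts_to_check(lines_by_host):
    """Return the hosts whose trusted-CA configuration rejected a certificate."""
    hosts, suspects = set(lines_by_host), set()
    for host, line in lines_by_host.items():
        verifier = decode(line)["verifier"]
        if verifier == "local":
            suspects.add(host)
        elif verifier == "peer":
            suspects |= hosts - {host}
    return suspects


if __name__ == "__main__":
    print(hosts_to_check({"master": MASTER, "slave": SLAVE}))
```

Both lines decode to the same event: the slave, acting as TLS client for the chained connection, could not verify the master's certificate and sent alert 48 (unknown_ca), so the CA settings to inspect are the ones used by the chain overlay's outgoing connection on the slave.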