--On Thursday, August 16, 2007 2:42 PM +0200 Hallvard B Furuseth h.b.furuseth@usit.uio.no wrote:
Quanah Gibson-Mount writes:
TLS_CACERT /opt/zimbra/conf/ca/ca.pem (...) If I change it to TLS_CACERTDIR and adjust to a path, (...)
If I remember correctly TLS_CACERTDIR needs to be set up with some OpenSSL magic, it's not just a directory into which you can drop certificate files. Maybe the reverse is true as well, and a cert from a TLS_CACERTDIR does not work in TLS_CACERT.
Thank you both for your responses. Interestingly enough, slapd will start, and STARTTLS will work, if I create the hash and use TLSCACERTDIR.
However, why won't it work if I use TLS_CACERT <file> ? It should be perfectly valid, and that actually works for me on every other platform I use (Linux). The only one where this doesn't work is on MAC OS X. Must be a Mac specific bug I guess.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration