Rick Stevens rps2@socal.rr.com writes:
Dieter Kluenter wrote:
Hi,
[...]
OK, could you please provide the TLS related entries of slapd.conf and ldap.conf? It seems that the server is not providing a server certificate but a CA.
Okey doke. Here they are:
TLSCACertificateFile /usr/local/etc/openldap/gbsbilling-cert.pem TLSCertificateFile /usr/local/etc/openldap/bigdog-cert.pem TLSCertificateKeyFile /usr/local/etc/openldap/bigdog-key.pem
This is only the content of slapd.conf, the relevant content of ldap.conf(5) is still missing, ldapsearch requires at least the path to CA, further information on the level of certificate checks and the prefered cipher suits are recommended options.
-Dieter
openldap-software@openldap.org