Hi,
I’m adding SSL to an existing openLDAP server. My certificate is a 2048 bit from Comodo and I need to install both the certificate and and the intermediate chain, 5 certificates altogether. I bundled the chain into a single file in the order Comodo lists and in slapd.conf I added:
TLSCACertificateFile /path/to/providerBundle.crt
TLSCertificateFile /path/to/mycert.pem
TLSCertificateKeyFile /path/to/mykey.pem
Then I restarted openLDAP. I have several different browsers to test the SSL connection, and mostly they all worked just fine. However, lbe, a java based browser that I think was originally from Novel, asks me if I want to trust the CA root certificate, which is the first cert in the CA bundle.
So, needless to say, I’m confused. Can anyone help unconfuse me?
Thanks.
Rob Tanner
UNIX Services Manager
Linfield College, McMinnville Oregon