Thank you Ryan. I can confirm the statement by setting,
olcTLSCACertificateFile: ""
at the server. Previously it was set with the right Root CA.
Dalton
On 8/26/20 12:12 AM, Ryan Tandy wrote:
On Tue, Aug 25, 2020 at 08:51:43PM -0500, Dalton Zhang wrote:
Can someone help me to understand what's wrong?
Is the CA in question also present in your system-wide trust store? Configuring TLS_CACERT has the side effect of enabling the global roots as well as the specified one. See [ITS#5582].