Re: SSL server certificate that has an intermediary certificate in the chain

On Fri, 29 Jul 2011, Francis Swasey wrote: > I have tried placing both the server certificate and the intermediate > certificate in the same file. OpenLDAP won't start if I put the > intermediate certificate first, and openssl fails to verify the > certificate chain if I put the server certificate first in the file. > > Have I missed something obvious or has OpenLDAP really forced me into > the position of needing to add the intermediate certificate from my SSL > CA Vendor into my trusted store on all my clients? It's a CA cert; have you tried adding it to the file specified by the TLSCACertificateFile option?