--On Monday, July 28, 2008 12:44 PM -0700 John Oliver joliver@john-oliver.net wrote:
I do appreciate all of the help, and apologize if I seem dense. I know that the root cause is my lack of knowledge here. I'm reading as fast as I can, but an awful lot of this documentation assumes a lot of things. I've never worked with SSL before, and my eyes are rolling back in my head :-) On top of that, I have people breathing down the back of my neck to make this work on a short deadline. Very frustrating :-(
You continue to do things incorrectly, and be unhappy when they don't work because of it. Again, to set up your LDAP servers *correctly* with SSL/TLS, you will need to create your own CA and sign your certs with it, or order commercial certs, and install their CA. Period. Can you do a single server easily the way you've done things? Yes, but it is still broken. Can you do *multiple* servers the way you've done it, easily? No, you cannot. Take the time to do it right. If you'd simply done that from when I first emailed you on 7/24, you'd be 4 days further ahead of where you are now.
--Quanah
--
Quanah Gibson-Mount Principal Software Engineer Zimbra, Inc -------------------- Zimbra :: the leader in open source messaging and collaboration