30 Sep
2020
30 Sep
'20
3:47 p.m.
One more update: I edited /etc/openldap/ldap.conf to test TLS_CACERT /etc/openldap/certs/ca.crt and it works with that config. I also re-read the documentation and clarified for myself that if either of these (TLS_CACERT or TLS_CACERTDIR) are NOT set in ldap.conf, that is when the system certs are used, so I believe I definitely want this set in ldap.conf. I suppose the question now is why didn't this work for me with TLS_CACERTDIR but does with TLS_CACERT?