Update: Commenting out this line in /etc/openldap/ldap.conf seems to fix it.
#TLS_CACERTDIR /etc/openldap/certs
I see now I missed the ldap.conf.rpmnew file after upgrade which by default has TLS_CACERT commented out. I still am having trouble understanding why this worked before but not after upgrade (assuming related to moznss but not certain). Can someone help explain the use of TLS_CACERTDIR or TLS_CACERT in the ldap.conf file vs being applied via ldif (as I have done and is noted above)? Does setting the parameter in ldap.conf mean the shared system certs are used? The documentation is confusing me. Thanks.