Hi,
Because you're using chain type referrals you need to "trust" the certificate from the ldap server you are "referring" to on the LDAP clients issuing queries.
Andrei BĂNARU Internal Support CCNA Security, CCIP StreamWIDE Romania
On 16.07.2012 00:25, Warren Howard wrote:
Hi,
I'm not able to get slapo-chain + TLS to work. Slapo-chain without TLS works, syncrepl + TLS works, the ldapclients with TLS works, just slapo-chain + TLS does not work.
"man slapo-chain" contains no information about the tls options for slapo-chain, but with I enable "chain-tls start" (as described in the OpenLDAP Admin Guide) I get the error : TLS negotiation failure.
What TLS options for slapo-chain are available for me to configure to get this working?
Note : I'm using Ubuntu 12.04 with slapd 2.4.28 provided by the distribution.
Regards,
Warren.