[Freeipa-users] Can't contact LDAP server: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user

Tim Hughes thughes at thegoldfish.org
Mon Nov 5 18:51:39 UTC 2012


I am trying to migrate from a fedora-ds-1.1.2-1.fc6 server to
ipa-server-2.2.0-16.el6.x86_64 with the following command:


ipa migrate-ds ldaps://fedora-ds-server.internal --continue --with-compat \
    --base-dn=dc=custsvc,dc=mycompany \
    --user-container=ou=People,ou=custsvc,dc=co,dc=mycompany \
    --group-container=ou=Groups,ou=custsvc,dc=co,dc=mycompany


I get the following response.


ipa: DEBUG: approved_usage = SSLServer intended_usage = SSLServer
ipa: DEBUG: cert valid True for "CN=ipa-server.internal,O=CO.MYCOMPANY"
ipa: DEBUG: handshake complete, peer = 192.168.10.6:443
ipa: DEBUG: Caught fault 4203 from server http://ipa-server.internal/ipa/xml: Can't contact LDAP server: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.
ipa: DEBUG: Destroyed connection context.xmlclient
ipa: ERROR: Can't contact LDAP server: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.


I am trying to work out which certificate is not trusted and how I should
make it trusted. Any help would be appreciated.


Tim Hughes
mailto:thughes at thegoldfish.org