[Fedora-directory-users] TLS trace: SSL3 alert write:fatal:unknown CA
Richard Megginson
rmeggins at redhat.com
Fri Jun 2 15:43:45 UTC 2006
Jeff Gamsby wrote:
> I am trying to get FDS 1.0.2 working in SSL mode. I am using a OpenSSL
> CA, I have installed the Server Cert and the CA Cert, can start FDS in
> SSL mode, but when I run
> ldapsearch -x -ZZ I get TLS trace: SSL3 alert write:fatal:unknown CA.
Did you follow this - http://directory.fedora.redhat.com/wiki/Howto:SSL
>
> In /etc/ldap.conf, I have put in
> TLS_CACERT /path/to/cert
Is this the same /path/to/cacert.pem as below?
> TLSREQCERT allow
> ssl on
> ssl start_tls
>
> If I run
> openssl s_client -connect localhost:636 -showcerts -state -CAfile
> /path/to/cacert.pem
>
> It looks OK
>
> Please help
>
> Thanks
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3178 bytes
Desc: S/MIME Cryptographic Signature
URL: <http://listman.redhat.com/archives/fedora-directory-users/attachments/20060602/f71155a8/attachment.bin>
More information about the Fedora-directory-users
mailing list