dn: cn=config
add: olcTLSCertificateFile
olcTLSCertificateFile: /etc/ssl/myKey/{name_of_your_server}_slapd_cert.pem

dn: cn=config
add: olcTLSCertificateKeyFile
olcTLSCertificateKeyFile: /etc/ssl/myKey/{name_of_your_server}_slapd_key.pem
Hi,

>On Mon, Dec 12, 2011 at 4:19 PM, reyman <reyman64@gmail.com> wrote:
>With the option -ZZ I think, try this
>ldapsearch -x -LLL -ZZ -d 150

Yeah, it shows output containing ber_dump, ldap_write, ldap_read, tls_write, tls_read etc. But at the end it shows the following:
TLS certificate verification: Error, self signed certificate
TLS: can't connect: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate).
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate)
Why does it show an error, and how do I resolve this?
And when I do ldapsearch with the -ZZ option, it gives an error:
$ldapsearch -x -v -D "cn=root,dc=abc,dc=com" -w cluster -b "ou=People,dc=abc,dc=com" "uid=ldap_6" -h n0 -ZZ
ldap_initialize( ldap://n0 )
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>On Mon, Dec 12, 2011 at 11:21 AM, Jayavant Patil <jayavant.patil82@gmail.com> wrote:
>>Hi,
>> I am using openldap-2.4.19-4.x86_64 on a Fedora 12 machine. I have enabled openldap SSL/TLS. How do I know (test) that I am using SSL/TLS connections instead of normal ldap:///?
--
Thanks & Regards,
Jayavant Ningoji Patil
Engineer: System Software
Computational Research Laboratories Ltd.
Pune-411 004.
Maharashtra, India.
+91 9923536030.
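
Added example, not part of the thread: the "self signed certificate" failure above can be reproduced offline with the openssl command line alone, which also shows that the fix is to give the client the certificate as a trust anchor instead of turning verification off. The function names, the throwaway certificate and the client path in the comments are assumptions made for illustration; n0 is the host name from the ldapsearch command above.

```shell
#!/bin/sh
# Added example: all certificates here are constructed, throwaway test data.

# make_selfsigned DIR HOST: create a one-day self-signed cert for HOST.
make_selfsigned() {
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1/key.pem" -out "$1/cert.pem" >/dev/null 2>&1
}

# trusts CERT [CAFILE]: succeed only if CERT chains to a trusted root.
# Without CAFILE only the system default store is consulted, which is the
# position of an LDAP client that has no TLS_CACERT configured.
trusts() {
    if [ -n "${2:-}" ]; then
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
    else
        openssl verify "$1" >/dev/null 2>&1
    fi
}

# matches_host CERT HOST: succeed if the certificate is valid for HOST,
# i.e. the name the client passes with -h.
matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" | grep -q 'does match'
}

demo() {
    dir=$(mktemp -d) || return 1
    make_selfsigned "$dir" n0 || { rm -rf "$dir"; return 1; }
    if trusts "$dir/cert.pem"; then
        echo "default store: trusted"
    else
        echo "default store: verify failed (same cause as in the thread)"
    fi
    trusts "$dir/cert.pem" "$dir/cert.pem" && echo "with CA file: OK"
    matches_host "$dir/cert.pem" n0 && echo "host name n0: matches"
    # Client-side equivalent for ldapsearch -ZZ, using a copy of the server
    # certificate (the path is an assumption):
    #   LDAPTLS_CACERT=/etc/ssl/myKey/n0_slapd_cert.pem ldapsearch -x -ZZ -h n0 ...
    # or a TLS_CACERT line with the same path in the client's ldap.conf.
    rm -rf "$dir"
}
demo
```

The host name check matters as well: once the certificate is trusted, the client still rejects it if the name given with -h does not match the certificate.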