On Apr 8, 2010, at 6:55 AM, Götz Reinicke - IT Koordinator wrote: > So dose my local ldap client (Apache Directory Studio (ADS) on mac OS X > 10.6.x ). > > Nearly, because the servers and the ADS client both alert me, that I use > invalide certificates and the cerificate can't be validated. > > But I have e.g. on the Mac imported my ca cert in the Macs keychain > (once for sytem resp. for login) and the use for everything (ssl, IPsec, > X.509, ...) is set to trust.
I have never used Apache DS but since it runs on Eclipse, I would not be surprised if it did not use the Mac Keychain. Try adding the CA cert to the Java Keystore used by the JVM. S. -- san...@temme.net http://www.temme.net/sander/ PGP FP: 51B4 8727 466A 0BC3 69F4 B7B8 B2BE BC40 1529 24AF ______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List openssl-users@openssl.org Automated List Manager majord...@openssl.org