I'm trying to setup LDAP/SSL/TLS. Somebody told me that PKCS is a moznss
issue and I should ask this question with you guys and not the openssl
group.
TLS: certdb config: configDir='/etc/openldap/cacerts/'
tokenDescription='ldap(0)' certPrefix='' keyPrefix='' flags=readOnly
TLS: cannot open certdb '/etc/openldap/cacerts/', error -8018:Unknown
PKCS #11 error.
TLS: loaded CA certificate file /etc/openldap/cacerts//5e5a5bcb.0 from
CA certificate directory /etc/openldap/cacerts/.
TLS: certificate
[E=s...@stuff.com,CN=fl1-lsh99apa007.securesites.com,OU=shit,O=Verio,L=B
oca,ST=Florida,C=US] is not valid - error -8172:Peer's certificate
issuer has been marked as not trusted by the user..
TLS: error: connect - force handshake failure: errno 0 - moznss error
-8172
TLS: can't connect: TLS error -8172:Peer's certificate issuer has been
marked as not trusted by the user..
ldap_err2string
ldap_start_tls: Connect error (-11)
additional info: TLS error -8172:Peer's certificate issuer has
been marked as not trusted by the user.
Any help will be greatly appreciated.
Rod
This email message is intended for the use of the person to whom it has been
sent, and may contain information that is confidential or legally protected. If
you are not the intended recipient or have received this message in error, you
are not authorized to copy, distribute, or otherwise use this message or its
attachments. Please notify the sender immediately by return e-mail and
permanently delete this message and any attachments. Verio Inc. makes no
warranty that this email is error or virus free. Thank you.
--
dev-tech-crypto mailing list
dev-tech-crypto@lists.mozilla.org
https://lists.mozilla.org/listinfo/dev-tech-crypto
