David L. Willson wrote:
While trying to setup my new, tested FreeIPA v2 server as an external LDAP 
authenticator for Zimbra 7.1, I got this error:

ssl connect problem most likely untrusted certificate

I found this article:


I'm pretty sure I've successfully imported the certificate for the LDAP server, 
which I downloaded from the web management interface on FreeIPA v2 and imported 
at the shell prompt on the Zimbra server with this command:

sudo /opt/zimbra/java/bin/keytool -import -alias humperdinck -keystore 
/opt/zimbra/java/jre/lib/security/cacerts -storepass changeit -file 

And restarted Zimbra services with these commands:

zmcontrol stop&&  zmcontrol start

Now the error's different. Great. I feel like I'm so close...

Has anyone got this working? Willing to share your settings? Alternately, do 
you already know that this can't be done? Does IPA even support LDAP auth, or 
is it strictly Kerberos for auth?

This is my first run with IPA. So far, it seems like an awesome product, but a 
bit hard to use...

Next on my wish list, is to configure about 30 Ubuntu 10.04 netbooks, 75'ish 
desktops, and 3 servers to use it for authentication and user-data.

You want to import the IPA CA. You can get a copy from /etc/ipa/ca.crt on the server.


Freeipa-users mailing list

Reply via email to