Jon,
After you sent your email yesterday I made sure to check it in both
places, and I re-copied cacert.pem from the server to the client again,
just to make sure. Sorry, I should have said that. Thanks for catching
that. :-)
I'm about to head into the office and read through the docs Howard
pointed me at, and see if anything jumps out at me.
Thanks,
Fran
Jon Roberts wrote:
Fran Fabrizio wrote:
> # openssl verify -CAfile /etc/openldap/cacerts/cacert.pem -purpose
> sslserver /var/lib/ldap/servercrt.pem
Yep, sure did, it verified ok. (See original email for the output)
In the original email, you had:
# openssl verify -CAfile /var/lib/ldap/cacert.pem -purpose sslserver
/var/lib/ldap/servercrt.pem
/var/lib/ldap/servercrt.pem: OK
but this is testing against the server side CA cert. Do you see the
difference in my command (CAfile argument)? Still, sounds like you may
have done this too. In that case, undoubtedly Howard has a better idea
what's going wrong.
Jon Roberts
www.mentata.com
---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word
UNSUBSCRIBE as the SUBJECT of the message.
--
Fran Fabrizio
Senior Systems Analyst
Department of Computer and Information Sciences
University of Alabama at Birmingham
http://www.cis.uab.edu/
205.934.0653
---
You are currently subscribed to [email protected] as: [EMAIL PROTECTED]
To unsubscribe send email to [EMAIL PROTECTED] with the word UNSUBSCRIBE as the
SUBJECT of the message.
