Did you also properly chmod these two files, if necessary?

TLS_CACERTDIR /etc/openldap/cacerts
TLS_CACERT /etc/openldap/cacerts/cacert.pem

Shuh

----- Original Message -----
From: "Michael Ströder" <[EMAIL PROTECTED]>
To: "Grant Sturgis" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Friday, December 09, 2005 2:07 AM
Subject: Re: ldaps and Active Directory

Grant Sturgis wrote:
> ldap_bind: Can't contact LDAP server (-1)
> additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
>
> I have installed Certificate Services on the W2K domain controller and
> exported the CA Cert and copied the file to the linux
> box:/etc/openldap/cacerts. In /etc/openldap/ldap.conf I have tried:
>
> TLS_CACERTDIR /etc/openldap/cacerts
> TLS_CACERT /etc/openldap/cacerts/cacert.pem

Which OpenLDAP version are you using?
There have been fixes to SSL configuration in 2.3.12.

Ciao, Michael.