Rick Stevens <[email protected]> writes: > Dieter Kluenter wrote: >> Hi, [...] >> OK, could you please provide the TLS related entries of slapd.conf >> and ldap.conf? It seems that the server is not providing a server >> certificate but a CA. > > Okey doke. Here they are: > > TLSCACertificateFile /usr/local/etc/openldap/gbsbilling-cert.pem > TLSCertificateFile /usr/local/etc/openldap/bigdog-cert.pem > TLSCertificateKeyFile /usr/local/etc/openldap/bigdog-key.pem
This is only the content of slapd.conf, the relevant content of ldap.conf(5) is still missing, ldapsearch requires at least the path to CA, further information on the level of certificate checks and the prefered cipher suits are recommended options. -Dieter -- Dieter Klünter | Systemberatung http://dkluenter.de GPG Key ID:8EF7B6C6 53°08'09,95"N 10°08'02,42"E
