On Sun, 2012-02-05 at 09:43 -0700, Chris Jacobs wrote: > Yes: Specify your cacert file in openldap's ldap.conf file (NOT PADL's in > /etc/): typically /etc/openldap/ldap.conf or perhaps > /usr/local/openldap/etc/openldap/ldap.conf.
That's it. Thank you! > If the cert is signed by a real CA then your system's cacert bundle needs > updating. It's self-signed. And (I *think*) things are working. > And use openssl vs mozilla's ssl - my understanding is that it doesn't quite > work right; especially when building openldap. I'm using Fedora's binaries; and they're built against NSS these days. Braden
