Do the Certificate CN matching to servername ? Thanks
On Sat, Jun 29, 2013 at 12:31 AM, Darouichi, Aziz <[email protected] > wrote: > Hi,**** > > ** ** > > ** ** > > I am trying to configure TLS/SSL and I have a Cert from Geotrust . I > configure slapd.conf with the followings:**** > > ** ** > > # TLS/SSL information**** > > ** ** > > # TLSCipherSuite HIGH:MEDIUM:+SSLv2**** > > TLSCACertificateFile /opt/local/etc/openldap/GeoTrust_Global_CA.cer**** > > TLSCertificateFile /opt/local/etc/openldap/rhea.curry.edu.pem.cer**** > > TLSCertificateKeyFile /opt/local/etc/openldap/rhea.key.pem**** > > ** ** > > But when I check the cert using “openssl s_client -connect > 192.168.60.43:636 -CApath /opt/local/etc/openldap/” I get **** > > CONNECTED(00000003)**** > > 140230373582504:error:140790E5:SSL routines:SSL23_WRITE:ssl handshake > failure:s23_lib.c:177:**** > > ---**** > > no peer certificate available**** > > ---**** > > No client certificate CA names sent**** > > ---**** > > SSL handshake has read 0 bytes and written 321 bytes**** > > ---**** > > New, (NONE), Cipher is (NONE)**** > > Secure Renegotiation IS NOT supported**** > > Compression: NONE**** > > Expansion: NONE**** > > ** ** > > I checked the log I see TLS connection **** > > ** ** > > ** ** > -- http://linuxmantra.com
