FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

 
 
LinkBack Thread Tools
 
Old 08-10-2011, 01:32 AM
Bobby Krupczak
 
Default Help with FC15, ldap/ssl, and certs from CAcert.org

Hi!

Just upgrading one client machine to FC15.

I have a variety of FC version throughout my network all
authenticating with LDAP over ssl.

I've configured the FC15 client to use ldaps and ssd and its not
working. The ldap server uses a certificate from CAcert.org which
earlier versions of FC have always eaten just fine after adding the
proper root cert to /etc/pki/tls/cert.pem

In FC15, I also noticed that ldapsearch would not work, giving me an
error.

When I added debugging, I get the following error:

TLS: certificate [E=support@cacert.org,CN=CA Cert Signing
Authority,OU=http://www.cacert.org,O=Root CA] is not valid - error
-8172:Unknown code ___f 20.
TLS: error: connect - force handshake failure: errno 0 - moznss error
-8172
TLS: can't connect: TLS error -8172:Unknown code ___f 20.

I've added the CAcert.org root cert in the same location and am now
getting this error.

I'll bet this error is also preventing my sssd from communicating with
my ldap server.

Does anyone know why FC15 would be giving me this error?

Thanks,

Bobby


--
users mailing list
users@lists.fedoraproject.org
To unsubscribe or change subscription options:
https://admin.fedoraproject.org/mailman/listinfo/users
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines
 

Thread Tools




All times are GMT. The time now is 07:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org