FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.

» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Redhat > Fedora User

LinkBack Thread Tools
Old 08-10-2011, 01:32 AM
Bobby Krupczak
Default Help with FC15, ldap/ssl, and certs from CAcert.org


Just upgrading one client machine to FC15.

I have a variety of FC version throughout my network all
authenticating with LDAP over ssl.

I've configured the FC15 client to use ldaps and ssd and its not
working. The ldap server uses a certificate from CAcert.org which
earlier versions of FC have always eaten just fine after adding the
proper root cert to /etc/pki/tls/cert.pem

In FC15, I also noticed that ldapsearch would not work, giving me an

When I added debugging, I get the following error:

TLS: certificate [E=support@cacert.org,CN=CA Cert Signing
Authority,OU=http://www.cacert.org,O=Root CA] is not valid - error
-8172:Unknown code ___f 20.
TLS: error: connect - force handshake failure: errno 0 - moznss error
TLS: can't connect: TLS error -8172:Unknown code ___f 20.

I've added the CAcert.org root cert in the same location and am now
getting this error.

I'll bet this error is also preventing my sssd from communicating with
my ldap server.

Does anyone know why FC15 would be giving me this error?



users mailing list
To unsubscribe or change subscription options:
Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines

Thread Tools

All times are GMT. The time now is 07:45 AM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org