Date: Tue, 3 Nov 2015 07:50:01 +0100 From: "Herbert J. Skuhra" <herbert@oslo.ath.cx> To: freebsd-questions@freebsd.org Subject: Re: ldapsearch over SSL can not bind Message-ID: <20151103065001.GA24103@oslo.ath.cx> In-Reply-To: <20151102162214.GB1775@c720-r276659> References: <20151102162214.GB1775@c720-r276659>
next in thread | previous in thread | raw e-mail | index | archive | help
On Mon, Nov 02, 2015 at 05:22:14PM +0100, Matthias Apitz wrote: > > Hello, > > I'm trying to make from FreeBSD a LDAPsearch in some Novell eDirectory > with the following command: > > $ ldapsearch -Z -H ldaps://romega:1027 -b 'ou=person,o=uni' -D 'cn=XXXXXXXXXX,ou=service,o=uni' -w XXXXXXXXXX > ldap_start_tls: Can't contact LDAP server (-1) > additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate in certificate chain) > ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) Have you tried the TLS_ vars in ldap.conf(5); eg. TLS_CACERT, TLS_REQCERT? -- Herbert
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20151103065001.GA24103>