>>> Quanah Gibson-Mount <qua...@symas.com> schrieb am 21.10.2021 um 19:29 in Nachricht <125627C2D6AF4AE00EF3FCDF@[192.168.1.11]>:
> > --On Thursday, October 21, 2021 7:54 PM +0300 Nick Milas > <n...@eurobjects.com> wrote: > >> On 21/10/2021 6:39 μ.μ., Nick Milas wrote: >> >>> From the journal, some excerpts (it is very long): >> >> My fault: I copied parts from the journal before the restart :( >> >> Here is the actual log after restart: > > The client side still says it can't validate the cert. As long as the > client can't validate the cert, you won't be able to establish TLS. > >>From your ldapwhoami output: > > TLS certificate verification: depth: 0, err: 20, subject: > /C=GR/ST=Attik\xC3\xAD/L=Athens/O=National Observatory of > Athens/CN=ldap1.noa.gr, issuer: /C=NL/O=GEANT Vereniging/CN=GEANT OV RSA CA > 4 > TLS certificate verification: Error, unable to get local issuer certificate Maybe use openssl x509 to display the certificate chain, looking for problems, and use the "verify" of openssl to check the certificate (chain). And show us the results ;-) > > --Quanah > > > -- > > Quanah Gibson-Mount > Product Architect > Symas Corporation > Packaged, certified, and supported LDAP solutions powered by OpenLDAP: > <http://www.symas.com>
