Hi,
i've been working on this problem quite long now.
OpenLDAP on my OpenSuSE 13.1 is compiled with gnutls apparently.
But connecting to the OpenLDAP server fails with the following message:
# ldapsearch -h localhost -W -D uid=admin,dc=example,dc=net -b
dc=example,dc=net -s sub "(uid=user1)" -v -ZZ
ldap_initialize( ldap://localhost )
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:_certificate verify failed
(unsupported certificate purpose)__
__
_Tracking down this error lead to a missing "Netscape Extension" called
"server".
[Source:
http://www.openldap.org/lists/openldap-software/200704/msg00278.html]
Well... _how do I create a CSR with gnutls/certtool with this
extension??_ :)
I simply can't figure it out... maybe I missed something?!
In openssl there is a directive "nsCertType = server"... I suppose
that's what I am looking for :)
I appreciate any help. Thank you very much in advance!
Marc
_______________________________________________
Gnutls-help mailing list
[email protected]
http://lists.gnupg.org/mailman/listinfo/gnutls-help
