On Tuesday 23 November 2004 16:57, Dr. Stephen Henson wrote: > On Tue, Nov 23, 2004, Florin Angelescu wrote: > > Hello > > I am trying to set up an ssl acces to ldap > > following http://www.openldap.org/faq/data/cache/185.html > > > > i created my ca > > and signed the certificates for the server and client > > but i still get a 'self signed error' > > i checked and i saw that it was because of cacert.pem which is selfsigned > > > > question : how to solve this ??? > > (do i have to sign the CA certificate by another CA ? and how ? ) > > thank you very much > > Firstly I'd suggest you use CA.pl instead of CA.sh which is older. > > What is giving you the error? If its a client then you'd need to include a > command line switch or configuration option telling it to include > 'cacert.pem' in its trusted list of CAs. > > Steve. > -- Thank you for answering. The error is given by ldapsearch ( and ldap.conf & sldap.conf are well configured). The error is also reported by openssl. "self signed certificate in certification chain" (the CA certificate)
______________________________________________________________________ OpenSSL Project http://www.openssl.org User Support Mailing List [EMAIL PROTECTED] Automated List Manager [EMAIL PROTECTED]