Hi, Am 12.02.15 um 23:09 schrieb Tom Lynch:
>> Put this: >> >> >> TLS_CACERT /var/ldap/cacert.pem >> >> in >> /etc/opt/csw/openldap/ldap.conf >> >> hope this helps. > Jan, > > This didn’t appear to help. Do you mean I need to put this in the ldap.conf > file on my ldap server? no on your client Server/Apache. You need to create a Pam with the CA of you ldap Server. As ldap/ ldap libs don't have a Cert Store to check if the certs you use on your Ldap Server are valid. > > I searched the source code for "LDAP: SSL support unavailable…” that I get > in my log file. That error appears to be in apr-util apr_ldap_option.c in a > section that deals with the Netscape/Mozilla/Solaris SDK. But how does it get > to that section when APR LDAP was built with OpenLDAP LDAP SDK? Well Openldap is in that section. Too. It tries to find the CA Certs. And can't find any. Thats what the error does say. Greetings Jan
