-   Linux - Enterprise (
-   -   eDirectory auth with TLS on Debian apache (

lykwydchykyn 11-25-2008 03:44 PM

eDirectory auth with TLS on Debian apache
I have several Debian and SLES apache servers that have directories authenticating to our Netware eDirectory via authnz_ldap. It works fine when it's not encrypted, but when I try to use TLS encryption, only the SLES servers work.

The Debian boxes all log this error:
[LDAP: ldap_start_tls_s() failed][Connect error]

When I try doing an ldapsearch from the Debian boxes over TLS, I get this:
SSL3_GET_SERVER_CERTIFICATE:certificate verify failed

The Apache documentation seems to suggest that I need to point to a certificate using something like LDAPTrustedGlobalCert, but I don't see the SLES servers doing this anywhere, and they appear to be working.

Can anyone give me a shove in the right direction here?

All times are GMT -5. The time now is 01:54 AM.