David Goldberg writes: > I updated openldap from 2.4.42-1 to 2.4.48-1 this morning and now > ldapsearch will not connect, complaining that the server provided > certificate is self signed. I have set up /etc/pki with my company's > certificate chain and that allows 2.4.42-1 (and earlier) and other > applications to properly authenticate local services.
The PKI layout was slightly changed a while ago and the newer openssl library used by the fresh openldap build may not pick up on the old locations anymore. What you should do is place the certificates into the /etc/pki/ca-trust/source/anchors/ directory, then run # update-ca-trust extract which should correctly populate the directories that the libaries and applications use. Regards, Achim. -- +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ Wavetables for the Terratec KOMPLEXER: http://Synth.Stromeko.net/Downloads.html#KomplexerWaves -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
