I am using a self created CA with certificates signed by it. I used this command to create it: openssl req -config openssl.cnf -new -x509 -extensions v3_ca -keyout physicsCA/private/cakey.pem -out physicsCA/cacert.pem -days 2190
I create and sign the certificates with these commands: openssl req -config openssl.cnf -new -nodes -keyout $1.key -out $1.csr -days 1065 openssl ca -config openssl.cnf -policy policy_anything -out $1.crt -infiles $1.csr The CA certificate file is distributed to all of my machines and is specified in the ldap.conf. If you want me to attach the openssl.cnf let me know. -- gnutls regression: failure in certificate chain validation https://bugs.launchpad.net/bugs/305264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
