http://bugzilla.novell.com/show_bug.cgi?id=629549 http://bugzilla.novell.com/show_bug.cgi?id=629549#c0 Summary: ldap connects over TLS fail with self signed certificates Classification: openSUSE Product: openSUSE 11.3 Version: Final Platform: x86-64 OS/Version: Other Status: NEW Severity: Normal Priority: P5 - None Component: Network AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: volker@openbios.org QAContact: qa@suse.de Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (compatible; Konqueror/4.4; Linux) KHTML/4.4.4 (like Gecko) SUSE Can not connect to ldap server over TLS when server uses self signed certificate. Ldap client accesses from 11.3 fail when using TLS. For example: ldapsearch -ZZ -h my.ldap.host.domain ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate in certificate chain) The error message is probably referring to the CA certificate which resides in /etc/ssl/certs/myown-ca.cert.pem on server side and which is self signed. Other ldap client services like Yast-Ldap-Browser or Yast-User-Management give the same error. This problem does not occur with 11.2 Reproducible: Always Steps to Reproduce: 1. 2. 3. -- Configure bugmail: http://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.