| Bug ID | 1051695 |
|---|---|
| Summary | ldap_start_tls: Connect error (-11) additional info: error:14090086:SSL routines:ssl3_get_server_certificate:certificate verify failed (self signed certificate in certificate chain) |
| Classification | openSUSE |
| Product | openSUSE Distribution |
| Version | Leap 42.3 |
| Hardware | Other |
| OS | Other |
| Status | NEW |
| Severity | Normal |
| Priority | P5 - None |
| Component | Basesystem |
| Assignee | bnc-team-screening@forge.provo.novell.com |
| Reporter | bruno@ioda-net.ch |
| QA Contact | qa-bugs@suse.de |
| Found By | --- |
| Blocker | --- |
After upgrading a working openSUSE Leap 42.1 (ldap, sssd, samba) server there's no way to do a simple ldapsearch -x -ZZ without getting the error in subject. the self-signed ca is stored in /etc/pki/anchor/trust and symlinks are present in /var/lib/ca-certificates/pem There doesn't seems to have any changes needed in /etc/ldap.conf ps : this also create a fail condition for samba using ldap is start tls is on. What and How can this be debugged. ps2 : This symptom has been seen now on 2 servers.