[sudo-users] sudo-1.6.8p7 + ldaps + self signed certificate

Justin Albstmeijer justin at VLAMea.com
Tue Mar 29 08:03:14 EST 2005


Works for me now..
"tls_checkpeer no" should be default, but I still had to set it in
/etc/ldap.conf.

# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
# Default is "no"
#tls_checkpeer yes
tls_checkpeer no

>>> sudo (--with ldap) works fine as long as I don't use SSL for LDAP.
>>>
>>> I get the same error as with ldapsearch when not setting "TLS_REQCERT
>>> allow" in /etc/openldap/ldap.conf. Ldapsearch works fine now, but sudo
>>> still is not working with this option set.
>>>
>>> Any idea?
>>>
>>> -------
>>> TLS certificate verification: Error, self signed certificate
>>> TLS trace: SSL3 alert write:fatal:unknown CA
>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>> TLS: can't connect.
>>> -------

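Added example, not part of the original post or of the sudo project: a small audit that reports active lines in LDAP client configuration files which turn off server-certificate verification, using the two directives named in this thread. The function name `audit_ldap_tls` is hypothetical, the sample file is constructed from the snippet in the post, and the `TLS_REQCERT` value `never` is an OpenLDAP setting not mentioned in the thread.

```shell
#!/bin/sh
# Added example: find LDAP client settings that disable server-certificate
# verification. Only explicit, uncommented directives are reported.

# audit_ldap_tls FILE...
# Prints "FILE:LINE: directive value" for every weak setting found.
# Returns 1 if at least one was found, 0 otherwise. Unreadable files are skipped.
audit_ldap_tls() {
    _rc=0
    for _f in "$@"; do
        [ -r "$_f" ] || continue
        awk '
            $1 ~ /^#/ || NF < 2 { next }      # comments, blank lines, bare keywords
            {
                key = tolower($1); val = tolower($2)
                # /etc/ldap.conf style (read by sudo in this thread)
                weak = (key == "tls_checkpeer" && val == "no") ||
                # /etc/openldap/ldap.conf style (read by ldapsearch)
                       (key == "tls_reqcert" && (val == "never" || val == "allow"))
                if (weak) {
                    printf "%s:%d: %s %s\n", FILENAME, FNR, $1, $2
                    found = 1
                }
            }
            END { exit found + 0 }
        ' "$_f" || _rc=1
    done
    return $_rc
}

# Constructed sample input, copied from the configuration shown in the post.
sample=$(mktemp)
cat > "$sample" <<'EOF'
# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
#tls_checkpeer yes
tls_checkpeer no
EOF

audit_ldap_tls "$sample" || echo "server certificate verification is disabled"
rm -f "$sample"
```

On a real host the function would be pointed at the two paths named in the thread, `/etc/ldap.conf` and `/etc/openldap/ldap.conf`.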



