[sudo-users] sudo-1.6.8p7 + ldaps + self signed certificate
justin at VLAMea.com
Tue Mar 29 08:03:14 EST 2005
Works for me now..
"tls_checkpeer no" should be default, but I still had to set it in
# OpenLDAP SSL options
# Require and verify server certificate (yes/no)
# Default is "no"
>>> sudo (--with ldap) works fine as long as I don't use SSL for LDAP.
>>> I get the same error as with ldapsearch when not setting "TLS_REQCERT
>>> allow" in /etc/openldap/ldap.conf. Ldapsearch works fine now, but sudo
>>> still is not working with this option set.
>>> Any idea?
>>> TLS certificate verification: Error, self signed certificate
>>> TLS trace: SSL3 alert write:fatal:unknown CA
>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>> TLS trace: SSL_connect:error in SSLv3 read server certificate B
>>> TLS: can't
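Added example, not part of the original post or of sudo: both settings quoted in the thread ("tls_checkpeer no" and "TLS_REQCERT allow") make the client accept any server certificate, so a host audit can flag them and check that a CA file or directory, such as the self-signed certificate itself, is configured as the trust anchor instead. The sample configs, the certificate path and the accepted boolean spellings are assumptions, and the two clients' settings are shown in one text for brevity.

```python
# Added example: flag ldap.conf settings that turn off LDAP server
# certificate verification. Sample configs below are constructed.

# Values treated as "verification disabled" (boolean spellings are an assumption).
WEAK = {
    "tls_checkpeer": {"no", "false", "off"},
    "tls_reqcert": {"never", "allow"},
}
# Keys that name a trust anchor, e.g. the self-signed server certificate.
CA_KEYS = {"tls_cacert", "tls_cacertfile", "tls_cacertdir"}

def parse(text):
    """Map lowercased keyword -> value; comments skipped, last line wins."""
    settings = {}
    for line in text.splitlines():
        parts = line.split("#", 1)[0].split(None, 1)
        if len(parts) == 2:
            settings[parts[0].lower()] = parts[1].strip()
    return settings

def audit(text):
    """Return a list of findings; an empty list means peer checks are on."""
    conf = parse(text)
    findings = []
    for key, bad in WEAK.items():
        if conf.get(key, "").lower() in bad:
            findings.append(f"{key} {conf[key]}: server certificate not verified")
    if CA_KEYS.isdisjoint(conf):
        findings.append("no CA file or directory configured as trust anchor")
    return findings

WEAK_CONF = """\
uri ldaps://ldap.example.com
tls_checkpeer no
TLS_REQCERT allow
"""
# The certificate path is a hypothetical location for the exported server cert.
FIXED_CONF = """\
uri ldaps://ldap.example.com
tls_checkpeer yes
tls_cacertfile /etc/openldap/cacerts/ldap-selfsigned.pem
TLS_REQCERT demand
TLS_CACERT /etc/openldap/cacerts/ldap-selfsigned.pem
"""

if __name__ == "__main__":
    for name, conf in (("weak", WEAK_CONF), ("fixed", FIXED_CONF)):
        print(name, audit(conf) or "ok")
```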