28 Nov
2016
28 Nov
'16
11:49 a.m.
Has anyone run into this issue on rhel 7? If I test unencrypted I can authenticate against ldap without issue. However if I set /etc/raddb/mods-enabled/ldap to use port 636 (encrypted) I receive the following certificate error. rlm_ldap (ldap): Opening additional connection (0) rlm_ldap (ldap): Connecting to authdir.fairfield.edu:636 TLS: certificate [CN=AddTrust External CA Root,OU=AddTrust External TTP Network,O=AddTrust AB,C=SE] is not valid - error -8172:Peer's certificate issuer has been marked as not trusted by the user.. TLS: error: connect - force handshake failure: errno 21 - moznss error -8172 TLS: can't connect: TLS error -8172:Peer's certificate issuer has been marked as not trusted by the user.. Thanks, Bill