bluethundr wrote:
I have setup the certificate chain in my slapd.conf like so:
TLSCACertificateFile /usr/local/etc/openldap/cacerts/sf_issuing.crt
I don't see where you say which directory these are stored in:
-rw-r--r-- 1 root bluethundr 2604 Nov 25 11:37 ca_bundle.crt -r--r----- 1 root ldap 4604 Nov 24 18:57 gd_bundle.crt -r--r----- 1 root ldap 1537 Nov 25 02:00 sf_issuing.crt
[root@LCENT01:/tmp/Foswiki-1.1.2]#openssl s_client -connect ldap.example.com:389 -showcerts -CAfile sf_issuing.crt 13730:error:02001002:system library:fopen:No such file or directory:bss_file.c:122:fopen('sf_issuing.crt','r')
It looks like the expected directory is not the one being used. Perhaps try use this invocation:
openssl s_client -connect ldap.example.com:389 -showcerts -CAfile /path/to/sf_issuing.crt
Best regards,