[CentOS] can't use godaddy SSL cert

Thu Nov 25 18:25:35 UTC 2010
cpolish at surewest.net <cpolish at surewest.net>

bluethundr wrote:
> I have setup the certificate chain in my slapd.conf like so:
> 
> TLSCACertificateFile  /usr/local/etc/openldap/cacerts/sf_issuing.crt

I don't see where you say which directory these are stored in:

> -rw-r--r--  1 root  bluethundr  2604 Nov 25 11:37 ca_bundle.crt
> -r--r-----  1 root  ldap        4604 Nov 24 18:57 gd_bundle.crt
> -r--r-----  1 root  ldap        1537 Nov 25 02:00 sf_issuing.crt

> [root at LCENT01:/tmp/Foswiki-1.1.2]#openssl s_client -connect
> ldap.example.com:389 -showcerts -CAfile sf_issuing.crt
> 13730:error:02001002:system library:fopen:No such file or
> directory:bss_file.c:122:fopen('sf_issuing.crt','r')

It looks like the expected directory is not the one being
used. Perhaps try use this invocation:

openssl s_client -connect ldap.example.com:389 -showcerts -CAfile /path/to/sf_issuing.crt

Best regards,
-- 
Charles Polisher