bluethundr wrote: > I have setup the certificate chain in my slapd.conf like so: > > TLSCACertificateFile /usr/local/etc/openldap/cacerts/sf_issuing.crt I don't see where you say which directory these are stored in: > -rw-r--r-- 1 root bluethundr 2604 Nov 25 11:37 ca_bundle.crt > -r--r----- 1 root ldap 4604 Nov 24 18:57 gd_bundle.crt > -r--r----- 1 root ldap 1537 Nov 25 02:00 sf_issuing.crt > [root at LCENT01:/tmp/Foswiki-1.1.2]#openssl s_client -connect > ldap.example.com:389 -showcerts -CAfile sf_issuing.crt > 13730:error:02001002:system library:fopen:No such file or > directory:bss_file.c:122:fopen('sf_issuing.crt','r') It looks like the expected directory is not the one being used. Perhaps try use this invocation: openssl s_client -connect ldap.example.com:389 -showcerts -CAfile /path/to/sf_issuing.crt Best regards, -- Charles Polisher