[gnutls-help] Create csr with netscape extension = server
m.postman at mafrigo.net
m.postman at mafrigo.net
Wed Jun 11 19:50:49 CEST 2014
Hi,
i've been working on this problem quite long now.
OpenLDAP on my OpenSuSE 13.1 is compiled with gnutls apparently.
But connecting to the OpenLDAP server fails with the following message:
# ldapsearch -h localhost -W -D uid=admin,dc=example,dc=net -b
dc=example,dc=net -s sub "(uid=user1)" -v -ZZ
ldap_initialize( ldap://localhost )
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:_certificate verify failed
(unsupported certificate purpose)__
__
_Tracking down this error lead to a missing "Netscape Extension" called
"server".
[Source:
http://www.openldap.org/lists/openldap-software/200704/msg00278.html]
Well... _how do I create a CSR with gnutls/certtool with this
extension??_ :)
I simply can't figure it out... maybe I missed something?!
In openssl there is a directive "nsCertType = server"... I suppose
that's what I am looking for :)
I appreciate any help. Thank you very much in advance!
Marc
-------------- next part --------------
An HTML attachment was scrubbed...
URL: </pipermail/attachments/20140611/476ab19a/attachment.html>
More information about the Gnutls-help
mailing list