Certificate problems with check_ldap

f.hugh at comcast.net f.hugh at comcast.net
Fri Sep 30 20:39:08 CEST 2011


I have been able to get check_ldap to work fine over the clear on port 389.  When I try to use ssl 636 it fails.  It can't verify the cert since it is our own CA and not a commercial CA that signed the cert.


This is the error I get: 
<SNIP> 
ldap_bind: Can't contact LDAP server (-1) 
        additional info: error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed 
Could not bind to the LDAP server 
</SNIP> 

I am certain that it is the trust of the cert that is the problem.  I have googled this for half the day looking for the method to insert our Root CA as trusted, but have had no luck.  Anyone been able to accomplish this?  Think of it as a self-signed cert installed on our AD domain controllers.

-paul 