How do I load a trusted CA certificate for LDAPS (LDAP over TLS) authentication?

I am attempting to connect to an LDAP directory that requires TLS to connect. This server uses a privately signed certificate, and when I attempt to connect to Vertica with a configured authentication record I get "Could not start LDAP TLS session: error code -1: Can't contact LDAP server". I am pretty sure this is because the server certificate is not trusted. My question is: how do I load a trusted CA certificate into Vertica to allow it to connect to this LDAPS server? I have tried both /etc/openldap/ldap.conf and /etc/openldap/certs, as well as creating the root.crt file that is used for client connections over SSL. Neither of these has worked. I know the Vertica host can successfully access the LDAP server because I can connect with ldapsearch from the host (after adding the CA cert to the /etc/openldap/certs store; before adding the CA as a trusted CA I got the exact same error as Vertica is giving me). Thank you for any assistance.
