- Obtain the needed certificate(s). See Obtain the Needed Certificate.The process shown in the cross-referenced topic is for a simple SSL deployment. You may not be able to get all of the certificates you need this way, and may need to contact the site security administrator to obtain the certificates you need to authenticate the directory.
The certificates must be in PEM format. If not, you must convert them to PEM format using the openssl x509 command before going on to the next step.
- Install the certificate(s). See Installing the Certificate.
- Run the c_rehash utility. See Creating Symlinks Using the Certlink Utility.
This error may indicate a security breach. Consider the following actions to check for a possible security threat.
- Check the access logs to detect any suspicious activity.
- Get a copy of the directory server certificate chain to you to make sure that the database has the officially trusted set of certificates.