The "Trust" setting does not work with 10.8.2, even openssl s_client -connect ...:636 returned CONNECTED(00000003) verify return:1

even openssl s_client -connect ...:636 returned

CONNECTED(00000003)
verify return:1

No client certificate CA names sent
---
SSL handshake has read 1518 bytes and written 456 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 2048 bit
Secure Renegotiation IS supported
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher : AES256-SHA
Key-Arg : None
Start Time: 1363044139
Timeout : 300 (sec)
Verify return code: 0 (ok)


Connect to OD without SSL works fine.


Anybody else?


Henri

Posted on Mar 11, 2013 4:41 PM

Mar 14, 2013 12:09 PM in response to HenriHoffmann

Hi,


Here is some more information about the problem.


The root CA certificate is imported as trusted in the system keychain of the server and the client. A certificate evaluation returns "valid certificates, trusted ...".


The client bind fails with these messages. E.g. Kerio Control is able to use LDAPS, so it seems to be just a problem with the trustability of the certificates. Keychain trusts the certificates, the OD client bind does not; this is not so consistent.


Any idea?


Thanks

Henri


2013-03-14 19:39:02.776804 CET - Trigger - notified opendirectoryd:nodes;lastServerChanged;/LDAPv3/ldaps://macpro....:636

2013-03-14 19:39:02.793467 CET - 71825.330426.330427, Module: AppleODClientLDAP - unable to create connection to LDAP server - ldap_search_ext_s for the rootDSE failed with error 'server connection failed' (-1) error:14090086:SSL routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed (self signed certificate in certificate chain)

2013-03-14 19:39:02.793501 CE


CONNECTED(00000003)
depth=1 /C=DE/...

Certificate chain
0 s:/CN=macpro...
i:/C=DE//OU=IT/CN=*.office.../emailAddress=admin@...

verify error:num=19:self signed certificate in certificate chain
verify return:0
