
ChuckP.41574 (Customer) asked a question.
Hi there,
I'm testing using freeradius to connect to Okta's LDAP interface but it's erroring out due to it apparently using a self signed cert:
rlm_ldap (ldap): Connecting to ldap://mycompany.ldap.okta.com:636
TLS certificate verification: Error, self-signed certificate in certificate chain
TLS: can't connect: error:0A000086:SSL routines::certificate verify failed (self-signed certificate in certificate chain).
But when I run this, it looks like the cert was issued by DigiCert:
* openssl s_client -connect mycompany.ldap.okta.com:636 -showcerts
subject=/C=US/ST=California/L=San Francisco/O=Okta, Inc./CN=*.ldap.okta.com
issuer=/C=US/O=DigiCert Inc/CN=DigiCert Global G2 TLS RSA SHA256 2020 CA1
Obviously getting mixed messages here but does anyone have any guidance?
Thanks!

Hi @ChuckP.41574 (Customer), thank you for reaching out to the Okta Community!
While this article is not explicitly for the LDAPi implementation, the advice listed might help with the certificate issue you are experiencing.
If my answer helped, remember to mark it as best to increase its visibility for other members of the Okta Community who might have the same questions as you.
Hope my answer helps!
--
Help others in the community by liking or hitting Select as Best if this response helped you.
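
The error text in the question, reproduced offline as an added example (not from the original posts or from Okta): OpenSSL reports "self-signed certificate in certificate chain" (verify error 19) when the chain it is handed ends in a self-signed root that the client has no trust anchor for, even though the leaf itself was issued by a CA. The lab PKI, its CN values and the file names are constructed for illustration.

```shell
#!/usr/bin/env bash
# Constructed lab PKI (all names invented): Lab Root CA -> Lab Issuing CA -> leaf.

new_csr() {  # new_csr <basename> <CN>: fresh RSA key and CSR
  openssl req -new -newkey rsa:2048 -nodes -subj "/CN=$2" \
    -keyout "$1.key" -out "$1.csr" 2>/dev/null
}

make_chain() {  # make_chain <dir>: build root.pem, int.pem, leaf.pem in <dir>
  ( cd "$1" || exit 1
    printf 'basicConstraints=critical,CA:TRUE\n' > ca.ext
    new_csr root "Lab Root CA"
    new_csr int  "Lab Issuing CA"
    new_csr leaf "ldap.lab.example"
    # Root is self-signed; intermediate is signed by root; leaf by intermediate.
    openssl x509 -req -in root.csr -signkey root.key -extfile ca.ext \
      -days 2 -out root.pem 2>/dev/null
    openssl x509 -req -in int.csr -CA root.pem -CAkey root.key -CAcreateserial \
      -extfile ca.ext -days 2 -out int.pem 2>/dev/null
    openssl x509 -req -in leaf.csr -CA int.pem -CAkey int.key -CAcreateserial \
      -days 2 -out leaf.pem 2>/dev/null
    # What a server would present alongside the leaf: intermediate plus root.
    cat int.pem root.pem > sent_by_server.pem )
}

# Client has no trust anchor for the lab root; chain arrives as untrusted input.
verify_untrusted_root() {
  openssl verify -untrusted "$1/sent_by_server.pem" "$1/leaf.pem" 2>&1
}

# Same leaf and intermediate, with the root supplied as a trust anchor.
verify_trusted_root() {
  openssl verify -CAfile "$1/root.pem" -untrusted "$1/int.pem" "$1/leaf.pem" 2>&1
}

lab=$(mktemp -d)
make_chain "$lab"
echo "root not trusted by client:"; verify_untrusted_root "$lab" || true
echo "root trusted by client:";     verify_trusted_root "$lab"
```

The leaf's issuer line is the same in both runs; only the client's set of trust anchors changes the verdict.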