Missing CA certificate while setting up a replication agreement between IPA server and Active Directory causes error "Peer's Certificate issuer is not recognized"

Solution Verified - Updated -

Issue

  • The issue occurs when the Active Directory server uses a certificate issued by an external Certificate Authority, or when self-signed certificates are not used.
  • Errors:
    Replication bind with SIMPLE auth failed: LDAP error -11 (Connect error) (TLS error -8179:Peer's Certificate issuer is not recognized.
    Error: could not send startTLS request: error -11 (Connect error)

Environment

  • Red Hat Enterprise Linux 6
  • IdM Winsync
  • Windows Server 2008R2
