Missing CA certificate while setting up a replication agreement between an IPA server and Active Directory causes the error "Peer's Certificate issuer is not recognized"
Issue
- The issue occurs when the Active Directory server is using a certificate issued by an external Certificate Authority or when self-signed certificates are not used.
- Errors:
Replication bind with SIMPLE auth failed: LDAP error -11 (Connect error) (TLS error -8179:Peer's Certificate issuer is not recognized.
Error: could not send startTLS request: error -11 (Connect error)
Environment
- Red Hat Enterprise Linux 6
- IdM Winsync
- Windows Server 2008R2
