Last week I had a hard time when trying to integrate an old version of a Crowd Connector because I was always getting an error 60 when that connector tried to contact a Crowd Server.
After 10’ seconds of Googling I found that error 60 for curl means:
Peer certificate cannot be authenticated with known CA certificates.
Great ! How can I solve that ?
Unfortunately curl is bundled into the Crowd Connector and it was impossible for me to pass a parameter to specify my CA (this parameter is available in version 2.7 of the connector).
The solution is to add your server CA to the system-default bundle. In RedHat it’s in
cat my_ca.pem >> /etc/pki/tls/certs/ca-bundle.crt
And voilà ! No more issue