FWIW: This same bad behavior is manifest on Jaunty w/OpenLDAP 2.4.15 and libldap-2.4-2.
Abbreviated output of: gnutls-cli --x509cafile /usr/share/ca-certificates/my.crt -p 636 our.ldapserver.com
-----------
Processed 3 CA certificate(s).
Resolving 'our.ldapserver.com'...
Connecting to '127.0.1.1:636'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
<snip>
- Peer's certificate is trusted
- Version: TLS1.1
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
-----------

Abbreviated output of: ldapsearch -x -ZZ -d3 255
-----------
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
ldap_start_tls: Connect error (-11)
-----------

Let me know if I need to supply more information.

--
TLS_CACERTDIR not supported in gnutls
https://bugs.launchpad.net/bugs/242313