On Fri, Sep 05, 2008 at 02:27:16PM -0000, Marco Gaiarin wrote: > 2) seems that now setting TLS_CACERTDIR (for /etc/ldap/ldap.conf) or > tls_cacertdir (for /etc/ldap.conf) does nothing, eg you have to select > the certificate explicitly to make it work.
Openldap 2.4 is compiled against gnutls which doesn't support TLS_CACERTDIR. See https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/242313. > Clearly my CA certificate are on place, correctly 'hashed' with > c_rehash. > > The second problem seems a general libldap bug or misunderstanding, > because if i comment out TLS_CACERT on /etc/ldap/ldap.conf also simple > tools like ldapsearch stop to work. Boh. > Make sure that you're not using self-signed certificates on the clients. -- Mathias Gug Ubuntu Developer http://www.ubuntu.com -- Long delays enumerating users https://bugs.launchpad.net/bugs/66741 You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
