Package: nagios-plugins-standard
Version: 1.4.16-1
Severity: important

Consider the following:


/usr/lib/nagios/plugins/check_ldaps -H ldap -b dc=example,dc=org -p 636 -3


It fails with "Could not bind to the LDAP server".

Adding this hack to /etc/ldap/ldap.conf:

TLS_REQCERT never


makes it work though.  Somebody has actually described this on Stack
Overflow as a solution; in fact, it is quite a nasty thing for security,
as all LDAP client code on the system running check_ldaps will no longer
do cert verification.

Please note I have checked the server cert is not expired and I am using
a custom CA specified with TLS_CACERT in /etc/ldap/ldap.conf - other
LDAP clients are happy with that setup and the problem is unique to
check_ldaps for Nagios.

check_ldaps should work without requiring TLS_REQCERT to be weakened.


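An audit check for the system-wide weakening described in the report, added here as an example (not part of the original report and not Nagios or OpenLDAP code): it works out the effective TLS_REQCERT level from ldap.conf-style text and flags the levels that accept an unverifiable server certificate. It assumes later settings override earlier ones and that the LDAPTLS_REQCERT environment variable is applied last; the function names and the sample config are constructed for illustration.

```python
import os

# Levels under which libldap continues with a certificate it cannot verify.
WEAK_LEVELS = {"never", "allow"}

# Constructed sample resembling the /etc/ldap/ldap.conf from the report.
SAMPLE_CONF = """\
# custom CA for the directory (path is a placeholder)
TLS_CACERT /etc/ssl/certs/example-ca.pem
# TLS_REQCERT demand
tls_reqcert never
"""

def effective_reqcert(conf_texts, environ=None):
    """Return (level, origin) after applying every source in order.

    conf_texts: list of (name, text) pairs in the order the files are read.
    environ: mapping consulted last for LDAPTLS_REQCERT (assumption: it wins).
    """
    level, origin = "demand", "default"  # documented default in ldap.conf(5)
    for name, text in conf_texts:
        for lineno, raw in enumerate(text.splitlines(), 1):
            line = raw.strip()
            if not line or line.startswith("#"):
                continue  # blank line or comment
            parts = line.split(None, 1)
            # Option names are case-insensitive in ldap.conf.
            if len(parts) == 2 and parts[0].upper() == "TLS_REQCERT":
                level, origin = parts[1].strip().lower(), f"{name}:{lineno}"
    env_val = (environ or {}).get("LDAPTLS_REQCERT")
    if env_val:
        level, origin = env_val.strip().lower(), "env:LDAPTLS_REQCERT"
    return level, origin

def is_weakened(level):
    """True when server certificate verification is effectively disabled."""
    return level in WEAK_LEVELS

if __name__ == "__main__":
    sources = [("sample", SAMPLE_CONF)]
    path = "/etc/ldap/ldap.conf"  # path named in the report
    if os.path.exists(path):
        with open(path, encoding="utf-8", errors="replace") as fh:
            sources = [(path, fh.read())]
    level, origin = effective_reqcert(sources, os.environ)
    status = "WEAKENED" if is_weakened(level) else "ok"
    print(f"TLS_REQCERT={level} (from {origin}): {status}")
```
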