Yes, thank you, that seems to be my problem, too: ``` auth: Error: ldap_create auth: Error: ldap_url_parse_ext(ldaps://xxx.com) auth: Error: ldap_sasl_bind auth: Error: ldap_send_initial_request auth: Error: ldap_new_connection 1 1 0 auth: Error: ldap_int_open_connection auth: Error: ldap_connect_to_host: TCP xxx.com:636 auth: Error: ldap_new_socket: 33 auth: Error: ldap_prepare_socket: 33 auth: Error: ldap_connect_to_host: Trying xxx 636 auth: Error: ldap_pvt_connect: fd: 33 tm: 5 async: 0 auth: Error: ldap_ndelay_on: 33 auth: Error: attempting to connect: auth: Error: connect errno: 115 auth: Error: ldap_int_poll: fd: 33 tm: 5 auth: Error: ldap_is_sock_ready: 33 auth: Error: ldap_ndelay_off: 33 auth: Error: ldap_pvt_connect: 0 auth: Error: ldap_int_tls_start: ldap_int_tls_connect needs read auth: Error: ldap_int_tls_start: ld 0x5cebfad42c70 4 s 999914 us to go auth: Error: ldap_int_poll: fd: 33 tm: 4 auth: Error: ldap_is_sock_ready: 33 auth: Error: ldap_ndelay_off: 33 auth: Error: TLS: peer cert untrusted or revoked (0x42) auth: Error: TLS: can't connect: (unknown error code). auth: Error: ldap(ldaps://xxx.com:636): Can't connect to server: ldaps://xxx.com ```
Server uses a normal letsencrypt certificate that is valid (checked with openssl). So look like v2.4.3 broke using the default system's CAs? _______________________________________________ dovecot mailing list -- [email protected] To unsubscribe send an email to [email protected]
