On 7/20/19 8:25 AM, Nikos Voutsinas wrote:
> In the view of the new openldap release, I ran some tests by using the
> current snapshot of the OPENLDAP_REL_ENG_2_4_48 tree

Which snapshot? Really the latest 407ce9d prepared for release and with
latest mdb merge?

> and based on my
> findings It seems that this build breaks the back_ldap backend when it
> is used with a remote ldaps:/// server.

I have a similar config working just fine with git snapshot 407ce9d.
But I'm running this on openSUSE Tumbleweed with OpenLDAP linked against
OpenSSL.

> The testing environment was a Debian (Stable/Buster) and
> Openldap was compiled with the Debian's gnu TLS libs.

Could you try to link with OpenSSL and test that to preclude that it's
an issue with GnuTLS?

> TLS: peer cert untrusted or revoked (0x42)
> TLS: can't connect: (unknown error code).

Could you try with gnutls-cli to check whether TLS just works?

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

Reply via email to