I'm writing a "C" client that connects with SASL EXTERNAL and yesterday, when it ran it output the following:
SASL/EXTERNAL authentication started > SASL username: cn=xxxx,ou=yyyy,ou=zzz,o=aaa,dc=bbbb,dc=ccc > SASL SSF: 0 Which is exactly what I was expecting. Actually is still what I'm expecting. So some changes occurred on the server and the client which resulted in this now being output: TLS: error: the certificate '/etc/openldap/certs/xxxxx.crt' could not be > found in the database - error -12285:Unable to find the certificate or key > necessary for authentication.. > TLS: certificate '/etc/openldap/certs/xxxxx.crt' successfully loaded from > PEM file. > TLS: no unlocked certificate for certificate > 'CN=xxxx,OU=yyyy,OU=zzz,O=aaa,DC=bbbb,DC=ccc'. > SASL/EXTERNAL authentication started > SASL username: cn=xxxx,ou=yyyy,ou=zzz,o=aaa,dc=bbbb,dc=ccc > SASL SSF: 0 I have verified that I am not setting LDAP_OPT_DEBUG_LEVEL and I even tried setting it to "0" explicitly but I still get the same thing! I have seen that before when I set debugging to ANY but I really rather not have this warning output if possible. Does anyone know why this would be occurring or what I can do to turn off those TLS warning/error messages? Thanks, -- Frank
