Actually it's more of a workaround...
I am convinced that it's this openssl bug:
http://www.mail-archive.com/[EMAIL PROTECTED]/msg16665.html
My TLS and SSL calls now look like this.
$ldap_mesg = $ldap->start_tls (verify => 'require',
cafile => '/usr/local/etc/openldap/cacert.pem',
ciphers => 'DES-CBC3-SHA');
$ldap = Net::LDAPS->new ( "$ldap_server",
port => '636',
debug => $ldap_debug,
verify => 'require',
cafile => '/usr/local/etc/openldap/cacert.pem',
ciphers => 'DES-CBC3-SHA',
version => 3 ) or gracefuldie("$@");
Explicitly setting the cipher did the trick... Strange.
Thanks very much for the help... I must admit my openssl knowledge is not
great, but I have a much better grasp of it now...
-D
