Hi,
we have the same problem. Does anybody know why libgnutls26 update break
openldap configuration of olcTLSCipherSuite to SECURE256?
Thanks, Filip.
Stan,
> did you change it in "ldap.conf" on client machine or within application
> settings? I've tried with
>
> TLS_CIPHER_SUITE -SECURE256
>
> in "/etc/ldap/ldap.conf" on client, but it ends with calltrace:
> http://paste.debian.net/396314/
We changed it in the application settings. In our
Hi Frederic,
did you change it in "ldap.conf" on client machine or within application
settings? I've tried with
TLS_CIPHER_SUITE -SECURE256
in "/etc/ldap/ldap.conf" on client, but it ends with calltrace:
http://paste.debian.net/396314/
Thanks,
Stan
On 18.02.2016 08:32, Frederic Van Espen
Hi Stan,
> are there any news how to fix this problem? I've added "TLSCipherSuite
> NORMAL:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0" to my slapd.conf on LDAP server,
> but it didn't change a
> thing.
In our case, we had to allow more ciphers on the client side. Not on
the server side. The client
Hi all,
are there any news how to fix this problem? I've added "TLSCipherSuite
NORMAL:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0" to my slapd.conf on LDAP server,
but it didn't change a
thing.
Best,
Stan
--
Stanislav Kopp
System Administrator
Native Instruments GmbH
+49-30-611035-1668
Package: libgnutls26
Followup-For: Bug #810814
Hi,
I can confirm that the addition of 'SECURE256' in the cipher suites
configuration seems to be the problem, switching from
olcTLSCipherSuite: SECURE256:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0
to
olcTLSCipherSuite:
On Wed, Jan 20, 2016 at 11:10 AM, Frederic Van Espen
wrote:
> I should add that running ldapsearch works fine though:
Also, we have this in our configuration file:
tls_cipher_suite = SECURE256
When I comment that it seems to work fine. Before the upgrade it
worked
On Wed, Jan 20, 2016 at 10:59 AM, Frederic Van Espen
wrote:
> We're connecting to LDAP from postfix. Here's the postmap debugging output:
> postmap: dict_ldap_debug: TLS: can't connect: The signature algorithm is not
> supported..
> postmap: error:
Hi,
On Thu, 14 Jan 2016 23:49:54 0100 Christoph Schindler
wrote:
> The problem seems to have to do with a self-signed root certificate that
uses MD5 (as the root cert from cacert.org does) for its signature.
Started getting this same issue yesterday after upgrading gnutls on
@Stanislav: are you per chance using a cacert.org-certificate?
The problem seems to have to do with a self-signed root certificate that uses
MD5 (as the root cert from cacert.org does) for its signature.
If the server provides such a root certificate in the certificate chain,
gnutls will
Package: libgnutls26
Version: 2.12.20-8+deb7u5
Severity: important
Dear Maintainer,
After upgrade libgnutls26 to version 2.12.20-8+deb7u5 I cannot run encrypted
connection
to LDAP anymore, e.g.
ldapsearch -LLL -x -H ldap://ldap.example.com -b "ou=people,dc=example,dc=com"
"(uid=test.user)"
11 matches
Mail list logo