Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Hi, we have the same problem. Does anybody know why libgnutls26 update break openldap configuration of olcTLSCipherSuite to SECURE256? Thanks, Filip.

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Stan, > did you change it in "ldap.conf" on client machine or within application > settings? I've tried with > > TLS_CIPHER_SUITE -SECURE256 > > in "/etc/ldap/ldap.conf" on client, but it ends with calltrace: > http://paste.debian.net/396314/ We changed it in the application settings. In our

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Hi Frederic, did you change it in "ldap.conf" on client machine or within application settings? I've tried with TLS_CIPHER_SUITE -SECURE256 in "/etc/ldap/ldap.conf" on client, but it ends with calltrace: http://paste.debian.net/396314/ Thanks, Stan On 18.02.2016 08:32, Frederic Van Espen

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Hi Stan, > are there any news how to fix this problem? I've added "TLSCipherSuite > NORMAL:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0" to my slapd.conf on LDAP server, > but it didn't change a > thing. In our case, we had to allow more ciphers on the client side. Not on the server side. The client

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Hi all, are there any news how to fix this problem? I've added "TLSCipherSuite NORMAL:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0" to my slapd.conf on LDAP server, but it didn't change a thing. Best, Stan -- Stanislav Kopp System Administrator Native Instruments GmbH +49-30-611035-1668

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Package: libgnutls26 Followup-For: Bug #810814 Hi, I can confirm that the addition of 'SECURE256' in the cipher suites configuration seems to be the problem, switching from olcTLSCipherSuite: SECURE256:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0 to olcTLSCipherSuite:

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

On Wed, Jan 20, 2016 at 11:10 AM, Frederic Van Espen wrote: > I should add that running ldapsearch works fine though: Also, we have this in our configuration file: tls_cipher_suite = SECURE256 When I comment that it seems to work fine. Before the upgrade it worked

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

On Wed, Jan 20, 2016 at 10:59 AM, Frederic Van Espen wrote: > We're connecting to LDAP from postfix. Here's the postmap debugging output: > postmap: dict_ldap_debug: TLS: can't connect: The signature algorithm is not > supported.. > postmap: error:

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Hi, On Thu, 14 Jan 2016 23:49:54 0100 Christoph Schindler wrote: > The problem seems to have to do with a self-signed root certificate that uses MD5 (as the root cert from cacert.org does) for its signature. Started getting this same issue yesterday after upgrading gnutls on

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

@Stanislav: are you per chance using a cacert.org-certificate? The problem seems to have to do with a self-signed root certificate that uses MD5 (as the root cert from cacert.org does) for its signature. If the server provides such a root certificate in the certificate chain, gnutls will

Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update

Package: libgnutls26 Version: 2.12.20-8+deb7u5 Severity: important Dear Maintainer, After upgrade libgnutls26 to version 2.12.20-8+deb7u5 I cannot run encrypted connection to LDAP anymore, e.g. ldapsearch -LLL -x -H ldap://ldap.example.com -b "ou=people,dc=example,dc=com" "(uid=test.user)"