As an additional data point, I've run into the same issue for certificates signed using RSA-SHA256.
When using "gnutls-cli -p 636 ldap --priority 'SECURE256'", I get an error back stating that "The signature algorithm is not supported". If I change the priority string to 'SECURE256:+SIGN-ALL', I am able to establish a connection. Even stranger, the priority string 'SECURE256 :+SIGN-RSA-SHA256' gives me an error stating "The signature algorithm is not supported". It's almost as if the default signature algorithms changed behind the scenes, breaking everything during an unattended-upgrade. Additionally, setting the signature algorithm directly doesn't work. This is occurring for the following versions of gnutls-cli: * 2.12.14-5ubuntu3.11 * 2.12.23-12ubuntu2.4 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1534230 Title: LDAP TLS connection stopped working To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1534230/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
