[Bug 66741] Re: Long delays enumerating users
Mathias Gug
mathiaz at ubuntu.com
Fri Sep 5 15:48:31 BST 2008
On Fri, Sep 05, 2008 at 02:27:16PM -0000, Marco Gaiarin wrote:
> 2) seems that now setting TLS_CACERTDIR (for /etc/ldap/ldap.conf) or
> tls_cacertdir (for /etc/ldap.conf) does nothing, eg you have to select
> the certificate explicitly to make it work.
Openldap 2.4 is compiled against gnutls which doesn't support
TLS_CACERTDIR.
See https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/242313.
> Clearly my CA certificate are on place, correctly 'hashed' with
> c_rehash.
>
> The second problem seems a general libldap bug or misunderstanding,
> because if i comment out TLS_CACERT on /etc/ldap/ldap.conf also simple
> tools like ldapsearch stop to work. Boh.
>
Make sure that you're not using self-signed certificates on the clients.
--
Mathias Gug
Ubuntu Developer http://www.ubuntu.com
--
Long delays enumerating users
https://bugs.launchpad.net/bugs/66741
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to libnss-ldap in ubuntu.
More information about the Ubuntu-server-bugs
mailing list