[Bug 242313] Re: TLS_CACERTDIR not supported in gnutls
Christopher Nighswonger
cnighswonger at foundations.edu
Thu Jun 18 18:17:26 BST 2009
FWIW: This same bad behavior is manifest on Jaunty w/OpenLDAP 2.4.15 and
libldap-2.4-2.
Abbreviated output of: gnutls-cli --x509cafile /usr/share/ca-certificates/my.crt -p 636 our.ldapserver.com
-----------
Processed 3 CA certificate(s).
Resolving 'our.ldapserver.com'...
Connecting to '127.0.1.1:636'...
- Certificate type: X.509
- Got a certificate list of 1 certificates.
<snip>
- Peer's certificate is trusted
- Version: TLS1.1
- Key Exchange: RSA
- Cipher: AES-128-CBC
- MAC: SHA1
- Compression: NULL
- Handshake was completed
-----------
Abbreviated output of: ldapsearch -x -ZZ -d3 255
-----------
TLS: peer cert untrusted or revoked (0x42)
TLS: can't connect: (unknown error code).
ldap_err2string
ldap_start_tls: Connect error (-11)
-----------
Let me know if I need to supply more information.
--
TLS_CACERTDIR not supported in gnutls
https://bugs.launchpad.net/bugs/242313
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.