[Bug 618715] Re: ldapsearch ignores TLS_CACERT from /etc/ldap/ldap.conf but gladly reads ~/.ldapcert.pem
Anders Bruun Olsen
anders at bruun-olsen.net
Tue Aug 17 15:24:09 BST 2010
abo@ginnungagap:~$ cat /etc/ldap/ldap.conf
#
# LDAP Defaults
#
# See ldap.conf(5) for details
# This file should be world readable but not world writable.
BASE dc=dsl,dc=dk
URI ldap://admin1.dsl.lan
#SIZELIMIT 12
#TIMELIMIT 15
#DEREF never
TLS_CACERT /etc/ssl/certs/cacert.pem
SSL start_tls
abo@ginnungagap:~$ ldapsearch -x -D "cn=admin,dc=dsl,dc=dk" -Z -W uid=abo cn
ldap_start_tls: Connect error (-11)
Enter LDAP Password:
ldap_result: Can't contact LDAP server (-1)
abo@ginnungagap:~$ cp /etc/ssl/certs/cacert.pem .ldapcert.pem
abo@ginnungagap:~$ ldapsearch -x -D "cn=admin,dc=dsl,dc=dk" -Z -W uid=abo cn
Enter LDAP Password:
# extended LDIF
#
# LDAPv3
# base <dc=dsl,dc=dk> (default) with scope subtree
# filter: uid=abo
# requesting: cn
#
# abo, people, dsl.dk
dn: uid=abo,ou=people,dc=dsl,dc=dk
cn: Anders Bruun Olsen
# search result
search: 3
result: 0 Success
# numResponses: 2
# numEntries: 1
--
ldapsearch ignores TLS_CACERT from /etc/ldap/ldap.conf but gladly reads ~/.ldapcert.pem
https://bugs.launchpad.net/bugs/618715