Problem with GnuTLS/openssl
Nikos Mavrogiannopoulos
nmav at gnutls.org
Tue Aug 21 10:36:45 CEST 2012
On Tue, Aug 21, 2012 at 1:05 AM, Ognen Duzlevski
<ognen.duzlevski at gmail.com> wrote:
> Hello,
> I have a Debian 6.0.5 server running OpenLDAP which appears to be linked
> against GnuTLS. I have generated a self-signed certificate using certtool
> and have successfully used it to authenticate Debian client machines against
> the OpenLDAP ldaps:// server in question.
> However, when I try to do the same on a CentOS 6 client, I am unable to do
> so.
> On the CentOS client, if I try to run ldapsearch against the server, I get
> the following:
> ldap_start_tls: Can't contact LDAP server (-1)
> additional info: TLS error -8101:Certificate type not approved for
> application.
This is an error I cannot help with. Your should check with an
openldap mailing list.
> On the CentOS client, if I try to run gnutls-cli-debug, I get the following:
> gnutls-cli-debug -p 636 ldap.blahblah.com
> Resolving 'ldap.blahblah.com'...
> Connecting to '10.6.0.11:636'...
> Error in %INITIAL_SAFE_RENEGOTIATION
> Checking for Safe renegotiation support...
Which version of libgnutls and gnutls-bin is installed in that system?
It seems like they have an old library but new binaries.
regards,
Nikos
More information about the Gnutls-help
mailing list