LDAP over SSL does not work with Ubuntu Prolonged Pain
nmav at gnutls.org
Thu May 10 20:27:30 CEST 2012
On 05/10/2012 01:59 PM, Thorsten Glaser wrote:
> we’ve got a range of systems in existence, from Debian etch
> (formerly sarge) to sid, and Kubuntu hardy (formerly dapper)
> to precise.
> Now, their latest release, prolonged pain precisely, fails to
> connect to our LDAP server (Univention Corporate Server 2.4),
> whereas it works with OpenSSL. I’ve had similar issues in hardy
> where a “security” update broke things due to GnuTLS, but this
> is new, and somehow gnutls-cli lacks the usual debugging output.
What do you mean by the usual debugging output?
> root at foo-test:~ # gnutls-cli -V -d 4711 -p 636 --x509cafile
The option `x509cafile' accepts a single file. If you use the * to
import more than one files it shouldn't work.
> Any ideas welcome. The certificates (CA and LDAP server) are
> autogenerated by some Univention scripts, in case someone needs
> to know.
So if I understand your issue is that gnutls 3.0.11 doesn't work
for you in ubuntu but gnutls 3.0.19 works for you in a debian
system? I don't know what to suggest. Do these releases work for
you if you install them from our released tarballs?
More information about the Gnutls-help