LDAP over SSL does not work with Ubuntu Prolonged Pain

Thorsten Glaser t.glaser at tarent.de
Fri May 11 13:14:27 CEST 2012

On Thu, 10 May 2012, Nikos Mavrogiannopoulos wrote:

>  What do you mean by the usual debugging output?

These lines from the gnutls output on Debian:

- Certificate[1] info:

For example.

> > root at foo-test:~ # gnutls-cli -V -d 4711 -p 636 --x509cafile
> /etc/ssl/certs/ca-c* dc.lan.tarent.de
> The option `x509cafile' accepts a single file. If you use the * to
> import more than one files it shouldn't work.

No, that’s one file, I just shortened it with a ‘*’ to get the
command on a single line.

> So if I understand your issue is that gnutls 3.0.11 doesn't work
> for you in  ubuntu

Or rather, whatever version they ship and link OpenLDAP (and
gnutls-cli) with. From the dpkg output, this looks like 2.12.14
to me (but then, with older versions, we never had trouble like
this either).

> but gnutls 3.0.19 works for you in a debian
> system? I don't know what to suggest. Do these releases work for
> you if you install them from our released tarballs?

Urgh. I don’t know when I can answer that question.
I will try to fit that experimentation in somewhen
next week.

Thanks anyway!

tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Elmar Geese

More information about the Gnutls-help mailing list