LDAP over SSL does not work with Ubuntu Prolonged Pain

[Nikos Mavrogiannopoulos]

On 05/22/2012 07:07 PM, Thorsten Glaser wrote:

> On Tue, 22 May 2012, Nikos Mavrogiannopoulos wrote:
> 
>> Let's get the facts straight. What have you actually tried?
> 
> I’ve tried to connect to the server using OpenSSL and GnuTLS.
> Both were pointed to a CA bundle containing the server CA.
> With OpenSSL, the connection succeeds, and it says it can
> validate the server certificate. With GnuTLS on older *buntu
> systems and current Debian, the connection similarily succeeds.
> With GnuTLS on the last two *buntu releases, it fails. I’ve
> looked up in slapd.conf which certificates it uses, tarred
> them up and sent them.
> 
> I’m not familiar with gnutls-cli and other non-OpenSSL tools,
> so if I should test other things, please tell me what and how.


Did you try specifying in the gnutls-cli command line the CA
certificate that you sent in the previous mail?