LDAP over SSL does not work with Ubuntu Prolonged Pain
Thorsten Glaser
t.glaser at tarent.de
Wed May 23 12:39:10 CEST 2012
On Wed, 23 May 2012, Nikos Mavrogiannopoulos wrote:
> Did you try specifying in the gnutls-cli command line the CA
> certificate that you sent in the previous mail?
I had not. Oh, this is too good. In this case, sorry for the
noise, and I’ll have to investigate what happened here.
[…]
Ah. Got it. And it’s too a bug in GnuTLS. Please try with
the attached file. (For what it’s worth, the file I attached
to this mail is an excerpt of the ca-bundle.crt file, and in
OpenSSL -CApath “syntax”, they are named a4e96d2f.0 and
a4e96d2f.1, respectively – so they have the same short hash.
bye,
//mirabilos
--
tarent solutions GmbH
Rochusstraße 2-4, D-53123 Bonn • http://www.tarent.de/
Tel: +49 228 54881-393 • Fax: +49 228 54881-314
HRB AG Bonn 5168 • USt-ID (VAT): DE122264941
Geschäftsführer: Boris Esser, Elmar Geese
-------------- next part --------------
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIJAP9SiVa2XhxOMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
VQQGEwJERTEMMAoGA1UECBMDTlJXMQ0wCwYDVQQHEwRCb25uMRQwEgYDVQQKEwt0
YXJlbnQgR21iSDELMAkGA1UECxMCSVQxLDAqBgNVBAMTI1VuaXZlbnRpb24gQ29y
cG9yYXRlIFNlcnZlciBSb290IENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbnNAdGFy
ZW50LmRlMB4XDTExMDMzMTEzMjAxN1oXDTE2MDkyMDEzMjAxN1owgZwxCzAJBgNV
BAYTAkRFMQwwCgYDVQQIEwNOUlcxDTALBgNVBAcTBEJvbm4xFDASBgNVBAoTC3Rh
cmVudCBHbWJIMQswCQYDVQQLEwJJVDEsMCoGA1UEAxMjVW5pdmVudGlvbiBDb3Jw
b3JhdGUgU2VydmVyIFJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGFkbWluc0B0YXJl
bnQuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCuIhQQB5h5ONzo
fxErFM5pqS+/WV+2fooBNdtSHPjk62Qwe44jT8owsAfMCowkhCTRJqQ8cS1/mN1Z
xvlIcjCFWcK0IbJM01XW6tfsJ1Kmylh0SFTcbhHDFXNqKo7BwECIJTeeEY/3J3oY
0+rbO15gmn+N8eYGLuBQyYzkbie9J9F7hjnipTjks0V7ra/1uvplPxUHOYxBUBSE
lhPpqJkQU5KExzWSX0pU/Qn0aYKWq1GVlg3dHPINkorHrML4+dbduaCTvdr3RffH
LL1b861kbi0uYYnoQUGk3o1BVEeZMy+YUycDjvnQGmpDY243RCDKe+0A844og4vB
hOXkZB7XAgMBAAGjggGcMIIBmDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRn
IDNw6CoTPpX7mXnts0lK1AWnvzCB0QYDVR0jBIHJMIHGgBRnIDNw6CoTPpX7mXnt
s0lK1AWnv6GBoqSBnzCBnDELMAkGA1UEBhMCREUxDDAKBgNVBAgTA05SVzENMAsG
A1UEBxMEQm9ubjEUMBIGA1UEChMLdGFyZW50IEdtYkgxCzAJBgNVBAsTAklUMSww
KgYDVQQDEyNVbml2ZW50aW9uIENvcnBvcmF0ZSBTZXJ2ZXIgUm9vdCBDQTEfMB0G
CSqGSIb3DQEJARYQYWRtaW5zQHRhcmVudC5kZYIJAP9SiVa2XhxOMAsGA1UdDwQE
AwIBBjARBglghkgBhvhCAQEEBAMCAAcwGwYDVR0RBBQwEoEQYWRtaW5zQHRhcmVu
dC5kZTAbBgNVHRIEFDASgRBhZG1pbnNAdGFyZW50LmRlMDgGCWCGSAGG+EIBDQQr
FilUaGlzIGNlcnRpZmljYXRlIGlzIGEgUm9vdCBDQSBDZXJ0aWZpY2F0ZTANBgkq
hkiG9w0BAQUFAAOCAQEAg5Mtl326C0Cp286Jr5uQyUgegueZcWK+tI5ziDzudNZ5
o5jknYTKT19dnGz7DOxn7oHCY9V6/EKiHdkIgbN/OUyYu6jwhbVXaauUNNsQlbte
qnJEXCvvJiolYISKrZ0SJ6uyGse9KCJZMc/YxrwBbU5CpZwaTc5/0+6So2hr3880
9hIauNZ/1kFQ2ZQm2IQNjM9yPYaMWI1E8y6Qy9Oi+oFqe70QTw+WUo+02Yj5bvxS
8R+dnUyjnjqFltP01xPZPBeuPly8eQ0Iwnlst4pDLLC3vnv6yyG3V7hssnEiyHex
XcpGiNsF6ON05jXSxaoh8G9xHiu/8mXNVMk76U0cGA==
-----END CERTIFICATE-----
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgIJAJ17nqsex6JJMA0GCSqGSIb3DQEBBQUAMIGcMQswCQYD
VQQGEwJERTEMMAoGA1UECBMDTlJXMQ0wCwYDVQQHEwRCb25uMRQwEgYDVQQKEwt0
YXJlbnQgR21iSDELMAkGA1UECxMCSVQxLDAqBgNVBAMTI1VuaXZlbnRpb24gQ29y
cG9yYXRlIFNlcnZlciBSb290IENBMR8wHQYJKoZIhvcNAQkBFhBhZG1pbnNAdGFy
ZW50LmRlMB4XDTExMDIwNzEwMjQyOVoXDTEzMDIwNjEwMjQyOVowgZwxCzAJBgNV
BAYTAkRFMQwwCgYDVQQIEwNOUlcxDTALBgNVBAcTBEJvbm4xFDASBgNVBAoTC3Rh
cmVudCBHbWJIMQswCQYDVQQLEwJJVDEsMCoGA1UEAxMjVW5pdmVudGlvbiBDb3Jw
b3JhdGUgU2VydmVyIFJvb3QgQ0ExHzAdBgkqhkiG9w0BCQEWEGFkbWluc0B0YXJl
bnQuZGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCxhnVJUYwNGfT1
HZ5jwQsBBN+63AW8SU5sId57LKXdv4m9L46m4WphqkzgHsRIXgRFM7nYH5mrRnL0
QvdaSg3spngtHGRjl4oWkIA2njCsoMGRVuRu6jid3d4wp+VvQHGRkDhtTsga9+1Z
ariWv1Q7Dm+YYZSrG1hN23ioGTjqTrYcC22zdhpOgMdomwvjgVoUXephtaGdsezY
tzf3pAHTE7eIPwiaQ94tMPOtYNMJNrcIftbPBJu9RaxVjwu8Sco/58gqQjoF1d0H
dxDCB8qiKi6EqWuzsPh5JY68tcHXwhzXCkGwVU/QRFDSFXVbId2lJIKpmWOLjdV9
cRkxYuT3AgMBAAGjggGcMIIBmDAPBgNVHRMBAf8EBTADAQH/MB0GA1UdDgQWBBRh
m2Wte3clWpukCDJQd0kq1t0ddjCB0QYDVR0jBIHJMIHGgBRhm2Wte3clWpukCDJQ
d0kq1t0ddqGBoqSBnzCBnDELMAkGA1UEBhMCREUxDDAKBgNVBAgTA05SVzENMAsG
A1UEBxMEQm9ubjEUMBIGA1UEChMLdGFyZW50IEdtYkgxCzAJBgNVBAsTAklUMSww
KgYDVQQDEyNVbml2ZW50aW9uIENvcnBvcmF0ZSBTZXJ2ZXIgUm9vdCBDQTEfMB0G
CSqGSIb3DQEJARYQYWRtaW5zQHRhcmVudC5kZYIJAJ17nqsex6JJMAsGA1UdDwQE
AwIBBjARBglghkgBhvhCAQEEBAMCAAcwGwYDVR0RBBQwEoEQYWRtaW5zQHRhcmVu
dC5kZTAbBgNVHRIEFDASgRBhZG1pbnNAdGFyZW50LmRlMDgGCWCGSAGG+EIBDQQr
FilUaGlzIGNlcnRpZmljYXRlIGlzIGEgUm9vdCBDQSBDZXJ0aWZpY2F0ZTANBgkq
hkiG9w0BAQUFAAOCAQEAW6Go7JUKlUDt2lV5u3WeDRxz3dzneRcAV9cIpxt7RfPj
fUGA4UlLNKHMkeHj2yDZHwGKvHQQQGoqxJwF1honwNqDgQ409/QExWg4wWd0RKso
7qdUMtccleuQprlG0ZYFmYvw0qMFQ4I8oeOdUrWUZd/fnYi113secSgeobKAK4BX
WVfpPxB4AUVUzxE8bT6rUFk7EYKaqK3KWo9K4gxA2oSfvBRBMffsE01ItR6WZTsd
WElwzwT4V9N+ozpFTwV4EiCluDpe2BexTDf8Fk7QPrjvGH3tshfFptjBNIQ0sb+p
Z/n8giCWbzmGO729mFKh6D1vyx3/8Damwr9yPJtlIQ==
-----END CERTIFICATE-----
More information about the Gnutls-help
mailing list