[Date Prev][Date Next] [Chronological] [Thread] [Top]

(ITS#5567) v2.4.10 + gnutls: unable to get TLS client DN, works with openssl

Full_Name: Tiziano Müller
Version: 2.4.10
OS: Gentoo Linux 2008.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (

I've generated certificates for the server and a client using my own CA.
The following works:
* client checks server certificate
* server checks client certificate

Nevertheless the following keeped appearing in the log:
2008-06-18T13:49:13.135510+02:00 localhost slapd[1771]: connection_read(14):
unable to get TLS client DN, error=-4 id=1

And I was therefore not able to use SASL/EXTERNAL.

When I rebuilt OpenLDAP with OpenSSL instead of GnuTLS it suddenly worked (while
not changing anything else).

The certificates have been generated using OpenSSL (even though this shouldn't