I looked through my saved messages and the archives for this question and couldn't find an answer to this particular problem.
I think that my LDAP client and server are using two different certificates. I know the server certificate is specified under TLSCertificateFile in slapd.conf, but where is the client picking up its certificate? Could someone please tell me how I can find out where the client looks for the certificate information?
I came across this problem because when I do ldapsearch without -ZZ I get the data I'm expecting to see. But when I do the same search with the -ZZ option I only get "ldap_start_tls: Success" and no data.
I looked through diagnostics on the client side and saw an error with mismatched hostnames on certificates. It's clear that two different certificates are being used by the client and server, but why, and how can I fix it?
Thanks a lot in advance.