Re: Problem with ldaps:// when switching from 2.3 to 2.4

--On Monday, November 09, 2009 1:08 PM +0100 Tomasz Welman <tomasz.welman@pl.ibm.com> wrote:

I have two machines; on the first there is no problem in connecting to the
LDAP server (IBM directory server).
The first machine is RedHat RHEL5 Client, the second is Ubuntu karmic

root@xwing:/etc/ldap# uname -a
Linux xwing 2.6.31-server #1 SMP Thu Oct 1 11:55:18 CEST 2009 i686
root@xwing:/etc/ldap# dpkg -l |grep ldap
ii  ldap-utils                                 2.4.15-1ubuntu3    OpenLDAP utilities
ii  libldap-2.4-2                              2.4.15-1ubuntu3    OpenLDAP libraries
root@xwing:/etc/ldap# cat ldap.conf

Note that the second machine is using GnuTLS instead of OpenSSL, since it is Debian based. There have been a number of fixes to OpenLDAP for GnuTLS support since 2.4.15:

OpenLDAP 2.4.16 Release (2009/04/05)
	Fixed libldap GnuTLS with x509v1 CA certs (ITS#5992)
	Fixed libldap GnuTLS with CA chains (ITS#5991)
	Fixed libldap GnuTLS TLSVerifyClient try (ITS#5981)

OpenLDAP 2.4.17 Release (2009/07/13)
	Fixed libldap GnuTLS private key init (ITS#6053)

If you want to use a GnuTLS based version of OpenLDAP, I suggest you build a newer release.



Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
Zimbra ::  the leader in open source messaging and collaboration