Package: nslcd Version: 0.7.15+squeeze1
During dpkg installation, the package asks if TLS should be used and in what mode If the `demand' mode is selected, the option tls_reqcert demand is added to /etc/nslcd.conf. However, connection to the LDAP server fails, on the first attempt, with this error: nslcd: [8b4567] failed to bind to LDAP server ldaps://ldap.example.org/: Can't contact LDAP server: No such file or directory and on subsequent attempts, it logs this error: nslcd: [8b4567] failed to bind to LDAP server ldaps://ldap.example.org/: Can't contact LDAP server: Operation now in progress To make the TLS `demand' setting work, I found I also had to add this option to /etc/nslcd.conf: tls_cacertfile /etc/ssl/certs/cacert.org.pem I suspect that adding tls_cacertdir /etc/ssl/certs would also work. I would propose that if the priority setting is low, the user should be able to type a cert filename, and the priority is high, it should default to /etc/ssl/certs -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
