Hi, I think I have exactly the same problem. I have set up Ubuntu 8.04 (up to date) as ldap-Client, and after I run "getent passwd" on that client, the connection to the ldap-Server is refused:

    TLS: peer cert untrusted or revoked (0x102)

My ldap.conf has the following entry:

    URI ldaps://ldap-01.example.com/
    ...
    TLS_CACERT /etc/ldap/ssl/cacert.pem
    DEBUG 1

When I add the line TLS_REQCERT allow, everything is just working fine, but this is no solution for me for security reasons.

The command

    openssl s_client -host ldap-01.example.com -port 636 -CAfile /etc/ldap/ssl/cacert.pem

returns:

    ...
    New, TLSv1/SSLv3, Cipher is AES256-SHA
    Server public key is 2048 bit
    Compression: NONE
    Expansion: NONE
    SSL-Session:
        Protocol : TLSv1
        Cipher : AES256-SHA
        ...
        Timeout : 300 (sec)
        Verify return code: 0 (ok)
    ---

so, the local cacert.pem should be the correct CACertificate.

Further I have set up Suse Linux Enterprise 10 SP2 as another ldap-client with exactly the same ldap-configuration (without the line TLS_REQCERT allow), and everything works fine there.

As I'm bound to Ubuntu LTS versions, I cannot switch to another version like Karmic or so. So I would be very pleased if somebody could help me out.

Thanks

--
"TLS: peer cert untrusted or revoked (0x82)" error in Hardy's version of ldap-utils
https://bugs.launchpad.net/bugs/257153