Bug#506853: libgnutls26: 2.4.2-3 breaks OpenLDAP access

Simon Josefsson simon at josefsson.org
Tue Nov 25 10:41:25 UTC 2008


Stefan Soeffing <soeffing at physik.uni-kl.de> writes:

> Package: libgnutls26
> Version: 2.4.2-3
> Severity: important
>
> After the upgrade from 2.4.2-1 to 2.4.2-3 access to an OpenLDAP server is broken. ldapwhoami says:
> TLS: peer cert untrusted or revoked (0x2)
> ldap_start_tls: Can't contact LDAP server (-1)
>
> The certificate is valid until 2018 and was not revoked, everything works fine with the old version.
> Unfortunately this breaks authentication via LDAP on all our machines, which caused me some trouble.
>
> I had to revert to version 2.2.2-1 from snapshots.debian.net, since I didn't find the 2.4.2-1 version anywhere.
>
> Thanks for all information concerning this.

Can you run 'gnutls-cli --insecure -p 636 your.ldap.server -d 4711
--print-cert' using the (for you) broken gnutls package and post the
output?

/Simon




