Bug#810814: libgnutls26: Encrypted LDAP connection doesn't work after libgnutls26 update
Christoph Schindler
hop at 30hopsmax.at
Thu Jan 14 22:49:54 UTC 2016
@Stanislav: are you per chance using a cacert.org-certificate?
The problem seems to have to do with a self-signed root certificate that uses MD5 (as the root cert from cacert.org does) for its signature.
If the server provides such a root certificate in the certificate chain, gnutls will refuse to connect, even if the root cert is known to - and trusted by - the client.
More information about the Pkg-gnutls-maint
mailing list