[Pkg-openldap-devel] Bug#538278: Bug#538278: ldaps doesn't work with tls
Quanah Gibson-Mount
quanah at zimbra.com
Fri Jul 24 17:23:45 UTC 2009
--On Friday, July 24, 2009 5:16 PM +0200 Nicolas Jungers
<deblbug at jungers.net> wrote:
> Package: slapd
> Version: 2.4.11-1
>
> My installation of slapd fails to successfully negotiate a tls or a ssl
> connection. An unencrypted connection works fine. The used set of
> key/certificates works within the couple (gnutls-server,gnutls-cli).
>
> Any pointer to an obvious mistake will be appreciated :-)
Unfortunately, the most obvious mistake I see is using OpenLDAP 2.4.11 with
GnuTLS. Which, since it appears you are using the Debian build, I'd assume
you are doing. There are numerous fixes to OpenLDAP GnuTLS support since
that release, and the GnuTLS side has had some fixes as well.
OpenLDAP 2.4.17 Release (2009/07/13)
Fixed libldap gnutls private key init (ITS#6053)
OpenLDAP 2.4.16 Release (2009/04/05)
Fixed libldap GnuTLS with x509v1 CA certs (ITS#5992)
Fixed libldap GnuTLS with CA chains (ITS#5991)
Fixed libldap GnuTLS TLSVerifyClient try (ITS#5981)
OpenLDAP 2.4.15 Release (2009/02/24)
Fixed libldap GnuTLS compilation (ITS#5955)
OpenLDAP 2.4.14 Release (2009/02/14)
Added libldap GnuTLS support for TLS_CIPHER_SUITE (ITS#5887)
Added libldap GnuTLS setting random file (ITS#5462)
Fixed libldap interaction with GnuTLS CN IP-based matches (ITS#5789)
OpenLDAP 2.4.13 Release (2008/11/24)
Fixed libldap interaction with GnuTLS CN IP-based matches (ITS#5789)
--Quanah
--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra :: the leader in open source messaging and collaboration
More information about the Pkg-openldap-devel
mailing list