I confirm that ldaps broke after upgrade. This is the workaround in my case:

1) Commented out TLSCipherSuite from /etc/ldap/slapd.conf so it picks up the defaults.
2) Changed TLS_REQCERT from "allow" to "never" in /etc/ldap/ldap.conf. The clients connect to a name which is different from the commonName stated in the self-signed certificate.

However, this is strange because LDAP.CONF(5) states that TLS_REQCERT "allow" means:

    The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad certificate is provided, it will be ignored and the session proceeds normally.

But the session does not proceed normally, even if I add a subjectAltName to the certificate.

--
Niccolo Rigacci
Firenze - Italy
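An added example, not part of the original message: a small check that reports which TLS_REQCERT level an ldap.conf-style file ends up with and whether the client still enforces the server certificate, using the level descriptions from ldap.conf(5). The `audit` function, the sample file contents and the last-line-wins handling of repeated options are assumptions made for this illustration.

```python
import re

# TLS_REQCERT levels as described in ldap.conf(5): (verification, behaviour)
LEVELS = {
    "never": ("none", "server certificate is not requested or checked"),
    "allow": ("weak", "missing or bad certificate is tolerated"),
    "try": ("partial", "missing certificate tolerated, bad one ends the session"),
    "demand": ("full", "missing or bad certificate ends the session"),
    "hard": ("full", "same as demand"),
}
DEFAULT_LEVEL = "demand"  # used when the file sets no TLS_REQCERT

# Constructed sample modelled on the workaround in the message.
SAMPLE = """\
# /etc/ldap/ldap.conf (constructed sample)
BASE dc=example,dc=org
URI ldaps://ldap.example.org
#TLS_REQCERT allow
TLS_REQCERT never
"""


def audit(conf_text):
    """Report the effective TLS_REQCERT level of one ldap.conf-style text.

    Assumption: when the option appears more than once, the last line wins.
    """
    level, where = DEFAULT_LEVEL, None
    for number, line in enumerate(conf_text.splitlines(), 1):
        if line.startswith("#"):  # comment line
            continue
        match = re.match(r"\s*TLS_REQCERT\s+(\S+)", line, re.IGNORECASE)
        if match:
            level, where = match.group(1).lower(), number
    verification, meaning = LEVELS.get(level, ("unknown", "unrecognised value"))
    return {
        "level": level,
        "line": where,  # None means the default applies
        "verification": verification,
        "meaning": meaning,
        "verifies_server": verification == "full",
    }


if __name__ == "__main__":
    result = audit(SAMPLE)
    print("TLS_REQCERT {level} (line {line}): {meaning}".format(**result))
    if not result["verifies_server"]:
        print("server identity is not enforced; name mismatches go unnoticed")
```

Per ldap.conf(5), per-user ldaprc files and the LDAPTLS_REQCERT environment variable can override the system-wide file, so the same check applies to those sources.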