http://www.openldap.org/its/index.cgi/Software Bugs?id=6053;expression=gnutls is a better link to that patch
compiled with openssl rather than gnutls and it's happier.. Aha!!! Found it :-) openssl client then complained that the ceritficate was not suitable for the purpose. In short, I had put a client cert on, not a server set. I use easy-rsa2 from openvpn package to build certs and I had ran it with ./build-key not ./build-key-server. Once the ldap keypair was rebuilt with "-extensions server" everthing was happy (even on the older version of software). Naturally it would be nice if openldap checked this and produced a helpful error :-) many thanks for your help and prompt replies. -- slapd + gnutls fails https://bugs.launchpad.net/bugs/217159 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
