Yes, I also have a few error messages containing "amavis[1533]: nss- ldap: do_open: do_start_tls failed:stat=-1".
Removing "ssl start_tls" from /etc/ldap.conf allows amavis to start. So the problem looks to be when amavis checking libnss when it is set to use LDAP with STARTTLS. The TLS certificates used by the LDAP server are signed by the company CA which is set in the tls_cacertfile option in /etc/ldap.conf. They work fine when using "getent password" and other commands. The same certificates also work fine in Ubuntu 12.04. Setting libnss to not check certificate by adding "tls_checkpeer no" to /etc/ldap.conf to not change behaviour. -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to amavisd-new in Ubuntu. https://bugs.launchpad.net/bugs/1316293 Title: unable to start To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/amavisd-new/+bug/1316293/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
