Richard A Nelson wrote:
Whilst openldap is built against gnutls, libpam-ldap is built against
openssl. Could you-run the server test using openssl s_client ?
Hello,
it's essentially he same response:
========================================================
p2:~# openssl s_client -connect 10.76.195.82:636 -verify 1 -CAfile
/etc/ssl/certs/jp09_cert.pem
verify depth is 1
CONNECTED(00000003)
depth=1 /CN=Juergen
Prenzel/ST=Niedersachsen/C=DE/emailaddress=jpre...@gwdg.de/O=Univers
verify return:1
depth=0
/CN=10.76.195.82/ST=Niedersachsen/C=DE/emailaddress=jpre...@gwdg.de/O=University
verify return:1
---
Certificate chain
=== ... ===
Server certificate
=== ... ===
-----END CERTIFICATE-----
subject=/CN=10.76.195.82/ST=Niedersachsen/C=DE/emailaddress=jpre...@gwdg.de/O=University
issuer=/CN=Juergen
Prenzel/ST=Niedersachsen/C=DE/emailaddress=jpre...@gwdg.de/O=Universi
---
No client certificate CA names sent
---
SSL handshake has read 1969 bytes and written 316 bytes
---
New, TLSv1/SSLv3, Cipher is AES256-SHA
Server public key is 1024 bit
Compression: NONE
Expansion: NONE
SSL-Session:
Protocol : TLSv1
Cipher :
AES256-SHAMIIDOTCCAiGgAwIBAgIBBTANBgkqhkiG9w0BAQsFADCBmzEYMBYGA1UEAxMPSnVl
=== ... ===
9RE0wYNy9FahulPiQ==
--
Session-ID:
ED62D0C703 ...
Session-ID-ctx:
Master-Key:
4FC86A64B89582E ...DE03B1B326E78DD196C8A0C9118836E8B964E5274495BE44CC21267D5
Key-Arg : None
Start Time: 1255229471
Timeout : 300 (sec)
Verify return code: 0 (ok)
---
============================================================
I wonder if anyone else has recently met difficulties at this point ...
Juergen Prenzel
cmdlbiBQc
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org