[Bug 618715] Re: ldapsearch ignores TLS_CACERT from /etc/ldap/ldap.conf but gladly reads ~/.ldapcert.pem

Tue, 17 Aug 2010 07:31:13 -0700 

a...@ginnungagap:~$ cat /etc/ldap/ldap.conf 
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE    dc=dsl,dc=dk
URI     ldap://admin1.dsl.lan

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never
TLS_CACERT /etc/ssl/certs/cacert.pem
SSL start_tls

a...@ginnungagap:~$ ldapsearch -x -D "cn=admin,dc=dsl,dc=dk" -Z -W uid=abo cn
ldap_start_tls: Connect error (-11)
Enter LDAP Password: 
ldap_result: Can't contact LDAP server (-1)

a...@ginnungagap:~$ cp /etc/ssl/certs/cacert.pem .ldapcert.pem

a...@ginnungagap:~$ ldapsearch -x -D "cn=admin,dc=dsl,dc=dk" -Z -W uid=abo cn
Enter LDAP Password: 
# extended LDIF
#
# LDAPv3
# base <dc=dsl,dc=dk> (default) with scope subtree
# filter: uid=abo
# requesting: cn 
#

# abo, people, dsl.dk
dn: uid=abo,ou=people,dc=dsl,dc=dk
cn: Anders Bruun Olsen

# search result
search: 3
result: 0 Success

# numResponses: 2
# numEntries: 1

-- 
ldapsearch ignores TLS_CACERT from /etc/ldap/ldap.conf but gladly reads 
~/.ldapcert.pem
https://bugs.launchpad.net/bugs/618715
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.

-- 
Ubuntu-server-bugs mailing list
Ubuntu-server-bugs@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs

Reply via email to