I found the problem. I guess there's a number of locations where .ldaprc can be found. I have an old backup of a Linux home directory under my cygwin home and that contained a .ldaprc with a TLS_CACERTDIR setting that makes no sense on my windows box. I removed it and also the ldap.conf I just created and ldapsearch worked as expected. I can't understand why 2.4.42 ignored that file while 2.4.48 tried to use it but it seems local to my oddball situation and not a broader issue.
Thanks again for all the help and advice. On Tue, Aug 6, 2019, 15:17 David Goldberg <dsg18...@gmail.com> wrote: > Thank you, Achim! I should have thought of that myself. Indeed adding an > appropriate TLS_CACERT to ldap.conf has solved the problem and 2.4.48 > ldapsearch is working now. > > On Tue, Aug 6, 2019, 12:44 Achim Gratz <strom...@nexgo.de> wrote: > >> David Goldberg writes: >> > Correct, openssl s_client works, as does the older build of >> ldapsearch. I >> > can't find any .ldaprc nor ldap.conf files on my system. >> >> Then work the other way around and create a configuration file that >> points to the PKI. It's entirely possible that the compiled-in default >> (if there even is one) is not correct. If so I'll have to figure out >> how to change that, but until then it would be useful to know if things >> start working when the config is pointing to the existing PKI (which, as >> you tested can be used correctly by openssl). >> >> >> Regards, >> Achim. >> -- >> +<[Q+ Matrix-12 WAVE#46+305 Neuron microQkb Andromeda XTk Blofeld]>+ >> >> SD adaptations for Waldorf Q V3.00R3 and Q+ V3.54R2: >> http://Synth.Stromeko.net/Downloads.html#WaldorfSDada >> >> -- >> Problem reports: http://cygwin.com/problems.html >> FAQ: http://cygwin.com/faq/ >> Documentation: http://cygwin.com/docs.html >> Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple >> >> -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple
