Just to assure anyone working on this that my certs and config are OK, I
copied this as a .ldaprc to a CentOS box (with openssl-linked
ldapsearch), and it worked fine:
TLS_CACERT /root/.pki/ssl-cert-local-ca.pem
TLS_CERT /root/.pki/dhcpd.pem
TLS_KEY /root/.pki/dhcpd.key
#TLS_CERT /root/.pki/ldap-client.pem
#TLS_KEY /root/.pki/ldap-client.key
BASE dc=strategicit,dc=linuxoz,dc=net
URI ldap://fusion.strategicit.linuxoz.net
TLS_REQCERT demand
#TLS_CIPHER_SUITE "256SECURE"
TLS_CIPHER_SUITE "TLSv1+HIGH:!SSLv2:!aNULL:!eNULL:!3DES:@STRENGTH";
--
Mark Pavlichuk
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org