Package: libgnutls26 Followup-For: Bug #810814 Hi,
I can confirm that the addition of 'SECURE256' in the cipher suites configuration seems to be the problem, switching from olcTLSCipherSuite: SECURE256:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0 to olcTLSCipherSuite: NORMAL:!ARCFOUR-128:!3DES-CBC:-VERS-SSL3.0 worked for me, but is of course not ideal. Debugging with gnutls-cli yields the same results as in the related Ubuntu bug report https://bugs.launchpad.net/ubuntu/+source/gnutls26/+bug/1534230 i.e. 'SECURE256' doesn't work, while 'SECURE256:+SIGN-ALL' does work with gnutls-cli (but unfortunately the +SIGN-ALL doesn't help when configuring slapd's olcTLSCipherSuite). Cheers Wolfgang -- System Information: Debian Release: stretch/sid APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Kernel: Linux 4.2.0-1-686-pae (SMP w/4 CPU cores) Locale: LANG=en_US.utf8, LC_CTYPE=en_US.utf8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Init: sysvinit (via /sbin/init) Versions of packages libgnutls26 depends on: ii libc6 2.19-22 pn libgcrypt11 <none> ii libp11-kit0 0.23.1-3 ii libtasn1-6 4.7-2 ii multiarch-support 2.19-22 ii zlib1g 1:1.2.8.dfsg-2+b1 libgnutls26 recommends no packages. libgnutls26 suggests no packages.
