Gábor Gombás <gomb...@sztaki.hu> writes:

> Package: libgnutls26
> Version: 2.4.2-5
> Severity: important
>
> Hi,
>
> After upgrading to libgnutls26 2.4.2-5, LDAP authentication fails (including
> ldap-utils, libnss-ldap and apache's mod_authnz_ldap). The error message from
> ldapsearch ends with:
>
> TLS: peer cert untrusted or revoked (0x102)
> ldap_err2string
> ldap_start_tls: Connect error (-11)
>
> 2.4.2-6 in sid is also affected. Re-installing 2.4.2-4 fixes the problem.

Please provide output from:

  gnutls-cli -p 663 your.ldap.server -d 4711 --print-cert

Replacing your.ldap.server as appropriate.

I suspect your chain contains a certificate signed with RSA-MD5; if so, you
need to trust an intermediary certificate directly to work around the
problem. You'll need 2.4.2-6 for this to work.

/Simon
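
One way to check a printed chain for the RSA-MD5 signatures suspected in the reply above. This is an added example, not part of the original thread or of GnuTLS: it reads the PEM blocks that `--print-cert` emits and decodes each certificate's signatureAlgorithm OID. The function names and the sample chain are constructed for illustration; the sample holds minimal synthetic DER structures, not real certificates.

```python
import base64
import re

# DER-encoded OIDs of the weak PKCS #1 signature algorithms.
WEAK = {
    bytes.fromhex("2a864886f70d010104"): "md5WithRSAEncryption",
    bytes.fromhex("2a864886f70d010102"): "md2WithRSAEncryption",
}
PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.*?)-----END CERTIFICATE-----", re.S)

def tlv(buf, pos):
    """Read one DER element at pos; return (tag, value_start, value_end)."""
    tag, length = buf[pos], buf[pos + 1]
    pos += 2
    if length & 0x80:  # long form: the next n bytes hold the length
        n = length & 0x7F
        length = int.from_bytes(buf[pos:pos + n], "big")
        pos += n
    return tag, pos, pos + length

def sig_alg_oid(der):
    """Return the raw OID bytes of Certificate.signatureAlgorithm."""
    _, cert_start, _ = tlv(der, 0)            # outer Certificate SEQUENCE
    _, _, tbs_end = tlv(der, cert_start)      # skip over tbsCertificate
    _, alg_start, _ = tlv(der, tbs_end)       # AlgorithmIdentifier SEQUENCE
    tag, oid_start, oid_end = tlv(der, alg_start)
    if tag != 0x06:
        raise ValueError("expected OBJECT IDENTIFIER")
    return der[oid_start:oid_end]

def weak_certs(text):
    """Return [(chain index, algorithm)] for certificates with weak signatures."""
    hits = []
    for i, body in enumerate(PEM_RE.findall(text)):
        oid = sig_alg_oid(base64.b64decode(body))
        if oid in WEAK:
            hits.append((i, WEAK[oid]))
    return hits

# Constructed sample: two synthetic "certificates" (SHA-256, then MD5).
def _el(tag, val):
    return bytes([tag, len(val)]) + val

def _fake_pem(oid_hex):
    alg = _el(0x30, _el(0x06, bytes.fromhex(oid_hex)) + _el(0x05, b""))
    der = _el(0x30, _el(0x30, _el(0x02, b"\x01")) + alg + _el(0x03, b"\x00\xaa"))
    return ("-----BEGIN CERTIFICATE-----\n" + base64.b64encode(der).decode()
            + "\n-----END CERTIFICATE-----\n")

SAMPLE = _fake_pem("2a864886f70d01010b") + _fake_pem("2a864886f70d010104")

if __name__ == "__main__":
    print(weak_certs(SAMPLE))
```

To use it on real output, pass the saved text of the `gnutls-cli ... --print-cert` run to `weak_certs()`; index 0 is the first certificate printed.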