Public bug reported: Binary package hint: libldap2
After upgrading from self created certificates to an official certificate (chained - root CA: GTE CyberTrust - signing CA: Cybertrust Edu) our PHP Ldap apps did not work anymore, but ldapsearch and other ldap-utils had no problems with the new certificate. php ldaps://.. binding failed - without ssl/tls all worked like before. Turning on debugging reveals that there's a problem with verifying the certificate - but what problem -- Unknown error ?? TLS certificate verification: depth: 0, err: 66, subject: issuer: C=BE,O=Cybertrust,OU=Educational CA,CN=Cybertrust Educational CA, [error] [client ] TLS certificate verification: Error, Unknown error, referer: [error] [client ] TLS: can't connect., referer: After some days trying to find the problem, I found a posting in an openldap maillist from someone with the same problem: http://www.openldap.org/lists/openldap-bugs/200411/msg00001.html The reason was the too old libldap version 2.1.30: http://www.openldap.org/lists/openldap-bugs/200411/msg00015.html So I created new dapper packages for openldap2.3-2.3.27 and enabled the building of the libldap2.3-dev package. I rebuilt apache2 and php5 against this libldap2.3-dev and the resulting php5-ldap package works again with ldaps and our new certificate. Is there any chance to get rid of this "prehistoric" 2.1.30 version and build Ubuntu against a working supported version ? Thanks, Gerald ** Affects: openldap2 (Ubuntu) Importance: Untriaged Status: Unconfirmed -- php5-ldap fails with official (chained) certificate https://launchpad.net/bugs/58487 -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
