On Mon, Mar 09, 2009 at 02:21:58PM -0000, Doug Engert wrote: > The real fix is to get the gnutls people to support certificate > directories, like OpenSSL. Why the rush to convert to gnutls > when it has so many issues. (Licencing issues are low on my list of > reasons.)
Licensing was the main motivation to move to 2.4 and GnuTLS. The other option was to keep the client libraries to 2.1. > > If the system running slapd is on hardy (or intrepid or jaunty) you > > should also add all of the CA certificates to the server certificate > > file - this is to workaround a bug where the slapd daemon doesn't send > > all of the CA certificates to the client. > > All or just the intermediate certificates? > The intermediate certificates should be enough. If not all of them should work. > Another issue with gnutls, no intermediate file (or directory) of > certificates. > Please open a new bug to track this specific issue. -- Mathias Gug Ubuntu Developer http://www.ubuntu.com -- gnutls regression: failure in certificate chain validation https://bugs.launchpad.net/bugs/305264 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to openldap in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs