Hello
Redhat issued new openldap packages a few months ago because of a
problem with SSL certificates containing a subjectAltName. Details are
here: https://rhn.redhat.com/errata/RHBA-2004-224.html
Scientific Linux has the updated openldap packages, but nss_ldap
statically compiles in LDAP support. It seems that nss_ldap never got
recompiled against that LDAP library because it still has the problems
with subjectAltName certificates, so that package needs to be rebuilt.
Andy