Hello again,
maybe an other usefull information, before people ask me to
send other config files for ldap/slapd.
I can check my certifications with
openssl s_client -CAfile cacert.pem -connect ldap_server:636
without any problems.
The last line is:
Verify return code: 0 (ok)
Regards, Olf Epler
>
> At least two types of problems were reported with ldap use at about the
> time that the updates for sl52 came out.
>
> One was related to dbus not being listed as an ignoregroups option and so
> systems would hang during dbus startup.
>
> Another was related to changes in nss_ldap which changes how the
> ldap.conf was being parsed - so previously working configs stopped - and
> most of the reported problems were with people using ssl. That may have
> been related to the port option in the config (or might not).
>
> Using "ldap://<server>" and "ssl tls_start" may work depending on whether
> your ldap server allows starttls.
>
> If you include a copy of your /etc/ldap.conf (and perhaps the ldap server
> config) it may all be obvious to those who had the problems last year...
>
----------------------------------------------------------
Olf Epler phone: +49 30 2093-7804
Humboldt University Berlin fax: +49 30 2093-7642
Department of Physics
Newtonstr. 15
12489 Berlin email: [log in to unmask]
----------------------------------------------------------