[Bug 257153] Re: "TLS: peer cert untrusted or revoked (0x82)" error in Hardy's version of ldap-utils
gdowle
garb.dowle at gmail.com
Thu Jan 14 12:49:12 GMT 2010
Ok, I solved my problem now.
My cacert.pem was an x509 v3 certificate, with Signature Algorithm:
md5WithRSAEncryption. With that cacert I got a "Verification failed"
from the gnutls-cli command (but not from the openssl command as
posted above).
After creating a new x509 v3 cacert.pem with Signature Algorithm:
sha1WithRSAEncryption, the gnutls-cli command succeeds with "Peer's
certificate is trusted", and the ldap authentication works fine now on
my Ubuntu 8.04 machine.
Software:
dpkg-query -W -f='${Package} ${Version} ${Source} ${Status}\n' | egrep 'slapd|ldap|gnutls'
gnutls-bin 2.0.4-1ubuntu2.6 gnutls13 install ok installed
ldap-auth-client 0.5 install ok installed
ldap-auth-config 0.5 ldap-auth-client install ok installed
ldap-utils 2.4.9-0ubuntu0.8.04.1 openldap2.3 install ok installed
libcurl3-gnutls 7.18.0-1ubuntu2.2 curl install ok installed
libgnutls13 2.0.4-1ubuntu2.6 gnutls13 install ok installed
libldap-2.4-2 2.4.9-0ubuntu0.8.04.1 openldap2.3 install ok installed
libnss-ldap 258-1ubuntu3 install ok installed
libpam-ldap 184-2ubuntu2 install ok installed
--
"TLS: peer cert untrusted or revoked (0x82)" error in Hardy's version of ldap-utils
https://bugs.launchpad.net/bugs/257153
You received this bug notification because you are a member of Ubuntu
Server Team, which is subscribed to openldap in ubuntu.