dev-zero@gentoo.org wrote:
Full_Name: Tiziano Müller
Version: 2.4.10
OS: Gentoo Linux 2008.0
URL: ftp://ftp.openldap.org/incoming/
Submission from: (NULL) (212.126.163.234)

I've generated certificates for the server and a client using my own CA. The following works:
- client checks server certificate
- server checks client certificate
Nevertheless, the following kept appearing in the log:

2008-06-18T13:49:13.135510+02:00 localhost slapd[1771]: connection_read(14): unable to get TLS client DN, error=-4 id=1

And I was therefore not able to use SASL/EXTERNAL.
When I rebuilt OpenLDAP with OpenSSL instead of GnuTLS it suddenly worked (while not changing anything else).
The certificates have been generated using OpenSSL (even though this shouldn't matter).
Works fine for me. Most likely your GnuTLS is broken. See ITS#5515. This ITS will be closed.