Hello list.
That's not really an openldap issue, but I guess its developper knows openssl behaviour better then myself: how could a simple distribution-provided update of root certificates affect the way openldap uses my own root certificate ?
Before the update, the root certificate is correctly read from /etc/pki/tls/rootcerts, as per openldap configuration (TLS_CACERTDIR variable). After the update, the root certificate is still read, but ignored, then looked for again in /etc/pki/tls/certs, triggering a failure if not also present/symlinked from there.
The only file change affecting the tool between the two scenarios, according to strace, is /etc/pki/tls/cert.pem, which doesn't contains anything useful in my case. May a syntax error, or a too large size, triggers side-effects ?
Full traces available at https://qa.mandriva.com/show_bug.cgi?id=57512
openldap-software@openldap.org