21 May
2025
21 May
'25
2:33 a.m.
On 21/5/2025 11:52 π.μ., Uwe Sauter wrote:
What is the output of your query with "-d -1" added to the command line? What is the output of "openssl s_client -connect $SERVER:636"?
Can you query your server when you disable certificate checking in ldap.conf ("TLS_REQCERT allow")?
Hi Uwe,
After further testing, I found that I can connect over ldaps from other servers (using ldapsearch) successfully, even from my (Windows) workstation with JXplorer, but not from Apache Directory Studio (also on my workstation).
Quite strange. ADS can connect to the old server (which has exactly the same certificate!) without issues.
I'll (try to) troubleshoot that further, but if you have any ideas, they are welcome!
Thanks, Nick