Dear All,

 

We have installed a newer version of Ubuntu 13.10 and trying to setup LDAP client.

 

Context: Self signed server CA certificate in pem format installed on the client with a hashed symbolic link pointing to it. We have other clients that are able to validate and are working great, hence I do not think this is a certificate issue, and also it is not expired.

 

And I get this legendary error “TLS: peer cert untrusted or revoked (0x42)” for which number of recommendation have been made online, to set TLS_REQCERT & TLS_CACERT in the /etc/ldap.conf

Although this did not work for me.

 

While openssl and gnutls command can successfully connect and validate the certificate, ldapsearch and getent miserably fails.

 

Any insight into this error and an approach to fix this will be greatly appreciated.

 

Best Regards,

Amit