Eric M wrote:
I do not completely agree with your answer. What I want to achieve is a client server connection with ldapsearch with mutual TLS authentication. These are two servers, one of which is considered a client with the ldap tools (ldapsearch) installed. As indicated in my answers, this works when using an ldaprc file in the $CWD or when specifying the TLS options of the client server with -O options, but I can't understand why the information from the LDAP.conf file is not taken into account in this case. My server is a client. You specify that the certificate information in the LDAP.conf file is user-only options. Yes, this is specified in the ldap.conf manpage. This doesn't simplify the processing.
ldap.conf is for system-wide configuration. Security credentials should not be system-wide.
You've been told how to achieve the configuration you want, using ldaprc. That should be enough. This thread has wasted enough time.