https://bugzilla.novell.com/show_bug.cgi?id=778865 https://bugzilla.novell.com/show_bug.cgi?id=778865#c1 Marcus Meissner changed: What |Removed |Added ---------------------------------------------------------------------------- Priority|P0 - Crit Sit |P2 - High CC| |meissner@suse.com AssignedTo|bnc-team-screening@forge.pr |rhafer@suse.com |ovo.novell.com | --- Comment #1 from Marcus Meissner 2012-09-06 07:31:17 UTC --- please do not use P0 in openSUSE. -> maintainer -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.

https://bugzilla.novell.com/show_bug.cgi?id=778865 https://bugzilla.novell.com/show_bug.cgi?id=778865#c3 --- Comment #3 from Andreas Vetter 2012-09-07 09:56:24 UTC --- In your case TLS_REQCERT try might be better.

From manual page of ldap.conf:

TLS_REQCERT <level> Specifies what checks to perform on server certificates in a TLS session, if any. The <level> can be specified as one of the following keywords: never The client will not request or check any server certificate. allow The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad cer- tificate is provided, it will be ignored and the session proceeds normally. try The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad cer- tificate is provided, the session is immediately terminated. demand | hard These keywords are equivalent. The server certificate is requested. If no certificate is provided, or a bad cer- tificate is provided, the session is immediately terminated. This is the default setting. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.