Hello. I started using SuSE with v7.3 almost a year ago, maybe more. My network is set up using LDAP w/SSL. I have Debian (x86/sparc), Red Hat (x86), Solaris (sparc), and SuSE (x86) here. All of them authenticate off my OpenLDAP server via SSL/TLS. Well, all except for SuSE 8.1. SuSE 7.3 and 8.0 had no troubles authenticating with SSL/TLS, but 8.1 does not for some reason. I checked the libs and libnss-ldap is linked against the SSL libs, so it should work, but for some reason it does not. I am using the same config as on the other systems. When I turn off SSL/TLS it immediately starts working. I tried searching the SuSE support database but came up empty.

Config for no-SSL (/etc/openldap/ldap.conf):

    host 10.10.10.7
    base ou=People,o=aphroland,c=us
    uri ldap://redhat.aphroland.org:3890/
    ldap_version 3
    binddn cn=nss,o=aphroland,c=us
    bindpw MY_SUPER_SECRET_PASSWORD
    port 3890
    nss_base_passwd ou=People,o=aphroland,c=us?one
    nss_base_group ou=Group,o=aphroland,c=us?one

Config for SSL:

    host 10.10.10.7
    base ou=People,o=aphroland,c=us
    uri ldaps://redhat.aphroland.org:6360/
    ldap_version 3
    binddn cn=nss,o=aphroland,c=us
    bindpw MY_SUPER_SECRET_PASSWORD
    port 6360
    nss_base_passwd ou=People,o=aphroland,c=us?one
    nss_base_group ou=Group,o=aphroland,c=us?one

I cannot find any errors in the logs. All logs go to my syslog server, and when grepping them for the system name nothing LDAP-related comes up; it's like the system doesn't even TRY to query. Though when running an strace (I'm testing using finger) it does show it connecting to 10.10.10.7, though that's about all the info I can decipher. When running finger some_user without SSL/TLS I get that info back from the LDAP server; with SSL/TLS turned on, I get "no such user". Running the slapd server in debug mode (running OpenLDAP on a Red Hat 7.3 box), I do see this message:

    TLS: can't accept.
    TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca s3_pkt.c:964

I do notice that SuSE has OpenLDAP 2.1.x installed whereas all my other systems use 2.0.23; perhaps this is part of the problem? There is very little info in the ldap.conf manpage. Anyone else run into this? Can't find much on Google. I suppose I could recompile OpenLDAP 2.0.23 on SuSE 8.1 but would rather work with what's on the CDs if possible.

thanks.

nate
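Decoding the slapd message quoted above, as an added example that is not from the original post or from OpenLDAP: the eight hex digits pack OpenSSL's library, function and reason numbers, and a reason of 1000 or more in the SSL library is a TLS alert received from the peer, so reason 0x418 (1048) is alert 48, unknown_ca, meaning the SuSE client could not build a trust chain for the certificate the server presented. The alert table follows RFC 2246; the regex is an assumption about the classic OpenSSL error format, and the sample log lines in the test are constructed.

```python
import re

# OpenSSL reports a TLS alert received from the peer as reason code
# SSL_AD_REASON_OFFSET (1000) + alert number; alert names from RFC 2246 7.2.
SSL_AD_REASON_OFFSET = 1000
ERR_LIB_SSL = 20  # library number of "SSL routines" in OpenSSL's err.h
TLS_ALERTS = {
    0: "close_notify", 10: "unexpected_message", 20: "bad_record_mac",
    21: "decryption_failed", 22: "record_overflow", 30: "decompression_failure",
    40: "handshake_failure", 42: "bad_certificate", 43: "unsupported_certificate",
    44: "certificate_revoked", 45: "certificate_expired", 46: "certificate_unknown",
    47: "illegal_parameter", 48: "unknown_ca", 49: "access_denied",
    50: "decode_error", 51: "decrypt_error", 60: "export_restriction",
    70: "protocol_version", 71: "insufficient_security", 80: "internal_error",
    90: "user_canceled", 100: "no_renegotiation",
}
# Assumed format: error:LLFFFRRR:library name:function name:reason text [file.c:line]
OPENSSL_ERR_RE = re.compile(r"error:([0-9A-Fa-f]{8}):([^:]*):([^:]*):([^:]*)")
FILE_SUFFIX_RE = re.compile(r"\s+\S+\.c$")  # trailing "s3_pkt.c" before ":line"


def decode_openssl_error(line):
    """Split a classic OpenSSL code: bits 31-24 library, 23-12 function, 11-0 reason."""
    m = OPENSSL_ERR_RE.search(line)
    if m is None:
        return None  # not an OpenSSL error line
    code = int(m.group(1), 16)
    info = {
        "library": (code >> 24) & 0xFF,
        "function": (code >> 12) & 0xFFF,
        "reason": code & 0xFFF,
        "function_name": m.group(3),
        "reason_text": FILE_SUFFIX_RE.sub("", m.group(4)).strip(),
        "alert": None,
        "alert_name": None,
    }
    # A reason >= 1000 in the SSL library is an alert *received* from the peer,
    # so the other side of the connection is the one that refused to continue.
    if info["library"] == ERR_LIB_SSL and info["reason"] >= SSL_AD_REASON_OFFSET:
        info["alert"] = info["reason"] - SSL_AD_REASON_OFFSET
        info["alert_name"] = TLS_ALERTS.get(info["alert"], "unassigned")
    return info


def explain(line):
    info = decode_openssl_error(line)
    if info is None:
        return "not an OpenSSL error line"
    if info["alert"] is None:
        return "local failure in %s: %s" % (info["function_name"], info["reason_text"])
    return "peer sent TLS alert %d (%s) while in %s" % (
        info["alert"], info["alert_name"], info["function_name"])
```

Run `explain()` over the slapd debug output: an alert decoded this way was sent by the client, so the certificate trust settings to check are on the SuSE side, not on the server.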