enterprise-support team mailing list archive

[Ian Gordon <ian.gordon@xxxxxxxxxxxx>]

Public bug reported:


syncrepl gives a "slap_client_connect: URI=ldap://ldaphost.domain.com Error, ldap_start_tls failed (-11)" error

syncrepl was working perfectly until I upgraded libgnutls26 from

version 2.12.14-5ubuntu3.10

to

version 2.12.14-5ubuntu3.11

This new version of gnutls just seems to only have a simple fix for
CVE-2015-7575

ldapsearch works perfectly happily with the new version of gnutls and
our SSL certificate.

My syncrepl config looks like this:

syncrepl        rid=222
                provider=ldap://ldaphost.domain.com
                starttls=critical
                type=refreshAndPersist
                retry=60,+
                searchbase="dc=ccc,dc=sssssss,dc=aa,dc=uu"
                scope=sub
                schemachecking=off
                bindmethod=simple
                binddn="cn=uuuuuu,dc=ccc,dc=sssss,dc=aa,dc=uu"
                credentials=XXXXXXXX

ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: slapd 2.4.28-1.1ubuntu4.6
ProcVersionSignature: Ubuntu 3.2.0-97.137-generic 3.2.73
Uname: Linux 3.2.0-97-generic x86_64
ApportVersion: 2.0.1-0ubuntu17.13
Architecture: amd64
Date: Mon Jan 25 13:33:26 2016
InstallationMedia: Ubuntu-Server 12.04 LTS "Precise Pangolin" - Release amd64 (20120424.1)
MarkForUpload: True
SourcePackage: openldap
UpgradeStatus: No upgrade log present (probably fresh install)
mtime.conffile..etc.default.slapd: 2012-10-02T10:07:38

** Affects: openldap (Ubuntu)
     Importance: Undecided
         Status: New


** Tags: amd64 apport-bug precise

-- 
You received this bug notification because you are a member of Ubuntu
Server/Client Support Team, which is subscribed to openldap in Ubuntu.
Matching subscriptions: Ubuntu Server/Client Support Team
https://bugs.launchpad.net/bugs/1537762

Title:
  syncrepl does not work when using tls

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openldap/+bug/1537762/+subscriptions