FreeBSD, OpenLDAP and 2048 bits certificates
Olivier.Nicole at cs.ait.ac.th
Tue Sep 6 09:45:18 UTC 2016
I have several FreeBSD server, authenticating to LDAP, this has been
working fine for years.
I want to update the certificate I am currently using for OpenLDAP, from
a 1024 bit self signed to a 2048 bits properly signed certificate.
When I do the change in OpenLDAP server, Ubuntu clients, Mac OS X
clients, perls clients, php clients are happy. They recognize the new
certificate and the change is transparent.
But it is not for FreeBSD (namely nss_ldap and pam_ldap). It looks like
the server part of OpenLDAP is working fine, but not the client part.
Have you any idea what the problem could be?
More information about the freebsd-questions