I have a Debian 6.0.5 server running OpenLDAP which appears to be linked against GnuTLS. I have generated a self-signed certificate using certtool and have successfully used it to authenticate Debian client machines against the OpenLDAP ldaps:// server in question.
However, when I try to do the same on a CentOS 6 client, I am unable to do so.
On the CentOS client, if I try to run ldapsearch against the server, I get the following:
ldap_start_tls: Can't contact LDAP server (-1)
additional info: TLS error -8101:Certificate type not approved for application.
On the CentOS client, if I try to run gnutls-cli-debug, I get the following:
Connecting to '10.6.0.11:636'...
Error in %INITIAL_SAFE_RENEGOTIATION
Checking for Safe renegotiation support...
And then it just dies.
I am getting the feeling this has something to do with GnuTLS and openssl?
Any ideas?
Thanks!
OD