From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (qmail 69012 invoked by alias); 5 Aug 2019 19:25:16 -0000 Mailing-List: contact cygwin-help@cygwin.com; run by ezmlm Precedence: bulk List-Id: List-Subscribe: List-Archive: List-Post: List-Help: , Sender: cygwin-owner@cygwin.com Mail-Followup-To: cygwin@cygwin.com Received: (qmail 68917 invoked by uid 89); 5 Aug 2019 19:25:15 -0000 Authentication-Results: sourceware.org; auth=none X-Spam-SWARE-Status: No, score=-0.7 required=5.0 tests=AWL,BAYES_50,SPF_PASS autolearn=ham version=3.3.1 spammy=certificate, goldberg, 2.4.48-1, Openldap X-HELO: zmcc-2-mx.zmailcloud.com Received: from zmcc-2-mx.zmailcloud.com (HELO zmcc-2-mx.zmailcloud.com) (52.37.197.7) by sourceware.org (qpsmtpd/0.93/v0.84-503-g423c35a) with ESMTP; Mon, 05 Aug 2019 19:25:12 +0000 Received: from zmcc-2.zmailcloud.com (zmcc-2-mta-1.zmailcloud.com [146.148.52.56]) (using TLSv1.2 with cipher ADH-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by zmcc-2-mx.zmailcloud.com (Postfix) with ESMTPS id 02AE6404CB; Mon, 5 Aug 2019 15:41:32 -0400 (EDT) Received: from zmcc-2.zmailcloud.com (localhost [127.0.0.1]) by zmcc-2-mta-1.zmailcloud.com (Postfix) with ESMTPS id A7703CDBCF; Mon, 5 Aug 2019 14:25:10 -0500 (CDT) Received: from localhost (localhost [127.0.0.1]) by zmcc-2-mta-1.zmailcloud.com (Postfix) with ESMTP id 9AA90CDBA8; Mon, 5 Aug 2019 14:25:10 -0500 (CDT) Received: from zmcc-2.zmailcloud.com ([127.0.0.1]) by localhost (zmcc-2-mta-1.zmailcloud.com [127.0.0.1]) (amavisd-new, port 10026) with ESMTP id QtVLu2Wl3jg8; Mon, 5 Aug 2019 14:25:10 -0500 (CDT) Received: from [192.168.1.39] (47-208-128-44.erkacmtk03.res.dyn.suddenlink.net [47.208.128.44]) by zmcc-2-mta-1.zmailcloud.com (Postfix) with ESMTPSA id 4F97DCDB09; Mon, 5 Aug 2019 14:25:10 -0500 (CDT) Date: Mon, 05 Aug 2019 19:25:00 -0000 From: Quanah Gibson-Mount Reply-To: Quanah Gibson-Mount To: David Goldberg , cygwin@cygwin.com Subject: Re: Openldap 2.4.48-1 vs my company's pki Message-ID: <228DE7899A9CF9C913C8B1B8@[192.168.1.39]> In-Reply-To: References: <87ftmje5zb.fsf@Rainer.invalid> <874l2y4ulo.fsf@Rainer.invalid> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-IsSubscribed: yes X-SW-Source: 2019-08/txt/msg00055.txt.bz2 --On Monday, August 05, 2019 9:22 AM -0400 David Goldberg wrote: > Sorry, was away from work over the weekend. I just tested with openssl > s_client and it works just fine. Version is 1.1.1. there is no self > signed certificate. It's signed with the company pki rather than > commercial and I've properly installed that chain. The problem send to be > with the new build, at least the weird ldd output leads me to that > conclusion. I'll try to find some time to build from source and see if it Do you mean you connected to the ldap server using OpenSSL s_client to confirm that works? If that works and the ldapsearch (or other ldap client) binary does not, then you likely have a global /etc/ldap.conf (or whereever this build looks for it) or a ~/.ldaprc file that defines the path or file to find the CA certificate that would need updating. Regards, Quanah -- Quanah Gibson-Mount Product Architect Symas Corporation Packaged, certified, and supported LDAP solutions powered by OpenLDAP: -- Problem reports: http://cygwin.com/problems.html FAQ: http://cygwin.com/faq/ Documentation: http://cygwin.com/docs.html Unsubscribe info: http://cygwin.com/ml/#unsubscribe-simple