Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 06 Sep 2016 16:37:18 +0700
From:      Olivier <>
Subject:   FreeBSD, OpenLDAP and 2048 bits certificates
Message-ID:  <>

Next in thread | Raw E-Mail | Index | Archive | Help

I have several FreeBSD server, authenticating to LDAP, this has been
working fine for years.

I want to update the certificate I am currently using for OpenLDAP, from
a 1024 bit self signed to a 2048 bits properly signed certificate.

When I do the change in OpenLDAP server, Ubuntu clients, Mac OS X
clients, perls clients, php clients are happy. They recognize the new
certificate and the change is transparent.

But it is not for FreeBSD (namely nss_ldap and pam_ldap). It looks like
the server part of OpenLDAP is working fine, but not the client part.

Have you any idea what the problem could be?

best regards,


Want to link to this message? Use this URL: <>