openldap-clients 2.4.23-4 or greater uses Mozilla NSS instead of OpenSSL for TLS/SSL

Solution Verified - Updated -

Issue

After updating to 'openldap-clients-2.4.23-4' or greater LDAP queries utilizing TLS or SSL fails.

# ldapsearch -x -LLL -H ldaps://ldap.domain.com -b dc=domain,dc=com -D user@domain.com -W "cn=user1"
Enter LDAP Password:
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)

Environment

  • Red Hat Enterpirse Linux (RHEL) 6
    • openldap-clients >= 2.4.23-4

Subscriber exclusive content

A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.

Current Customers and Partners

Log in for full access

Log In