Comment 9 for bug 1579209

Hello again,

I made a mistake on above post. In 1-5, about 'LDAP Authentication' describing /etc/ldap.conf modification, I wrote:

> You don't need to have 'tls_cacertfile' line. System will find CA certificate by itself as long as you put it in standard certificate folder (/etc/ssl/certs/).

Turned out you actually NEED 'tls_cacertfile' line. So you have to add 2 lines in /etc/ldap.conf to use TLS enabled libnss_ldap.

  ssl start_tls
  tls_cacertfile /etc/ssl/certs/cacert.pem

Sorry about the mess.