LDAP TLS connection stopped working
Affects | Status | Importance | Assigned to | Milestone
---|---|---|---|---
gnutls26 (Ubuntu) | Invalid | Undecided | Unassigned |
Bug Description
My LDAP authentication stopped working with the error: "The signature algorithm is not supported"
This is GNUTLS Error code: -106 GNUTLS_
LDAP search reproduces it:
$ ldapsearch -H ldaps:/
ldap_url_
ldap_create
ldap_url_
ldap_sasl_bind
ldap_send_
ldap_new_connection 1 1 0
ldap_int_
ldap_connect_
ldap_new_socket: 3
ldap_prepare_
ldap_connect_
ldap_pvt_connect: fd: 3 tm: -1 async: 0
TLS: can't connect: The signature algorithm is not supported..
ldap_err2string
ldap_sasl_
It looks like the SHA1 support was removed from gnutls26...
Other packages:
ldap-utils:
Version: 2.4.31-
libsasl2-2:
Version: 2.1.25.
libldap-2.4-2:
Version: 2.4.31-
ProblemType: Bug
DistroRelease: Ubuntu 14.04
Package: libgnutls26 2.12.23-12ubuntu2.4
ProcVersionSign
Uname: Linux 3.13.0-75-generic x86_64
NonfreeKernelMo
ApportVersion: 2.14.1-0ubuntu3.19
Architecture: amd64
CurrentDesktop: Unity
Date: Thu Jan 14 11:38:36 2016
InstallationDate: Installed on 2014-10-08 (462 days ago)
InstallationMedia: Ubuntu 14.04.1 LTS "Trusty Tahr" - Release amd64 (20140722.2)
SourcePackage: gnutls26
UpgradeStatus: No upgrade log present (probably fresh install)
The gnutls26 security update disabled md5 support. Are you sure one of your server certs isn't using md5?
Could you perhaps attach them here?