
My LDAP server's ldap.conf file:

```
#
# LDAP Defaults
#

# See ldap.conf(5) for details
# This file should be world readable but not world writable.

BASE    dc=coretesting,dc=com
URI     ldap://ldap.coretesting.com #ldap://ldap-master.example.com:666

#SIZELIMIT      12
#TIMELIMIT      15
#DEREF          never

# TLS certificates (needed for GnuTLS)
TLS_REQCERT     demand
TLS_CACERTDIR   /etc/ssl/certs/
TLS_CACERT      /etc/ssl/certs/cacert.pem
TLS_CERT        /etc/ssl/certs/slapd01.pem
TLS_KEY         /etc/ssl/private/slapd01_key.pem
#TLS_CRLCHECK   all
#TLS_PROTOCOL_MIN 3
```

Whenever my client tries to connect to the server, ldap_start_tls_s fails on the first attempt only.

Error code ldap_start_tls: Connect error (-11)

From the second time onwards it works fine.

I know that the TLS_REQCERT demand setting in the ldap.conf file can resolve this error.

When we try to use a secured connection, there is no point in providing any option other than demand.

If any experts know the root cause or a solution, please let me know.

Regards, Ram
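Added example (not part of the question and not OpenLDAP's own code): a small Python parser for the ldap.conf(5) directive format shown above, plus a check of the StartTLS-relevant settings. The sample text is constructed from the file in the question; note that per ldap.conf(5) only lines beginning with `#` are comments, so a `#` in the middle of a `URI` line is read as part of the value rather than ignored.

```python
# Constructed sample, modelled on the ldap.conf in the question; not a real file.
SAMPLE_CONF = """\
#
# LDAP Defaults
#
BASE    dc=coretesting,dc=com
URI     ldap://ldap.coretesting.com
#URI    ldap://ldap-master.example.com:666
TLS_REQCERT demand
TLS_CACERTDIR /etc/ssl/certs/
TLS_CACERT /etc/ssl/certs/cacert.pem
#TLS_CRLCHECK all
"""


def parse_ldap_conf(text):
    """Parse ldap.conf(5) text into {DIRECTIVE: [value, ...]}.

    Only lines whose first non-blank character is '#' are comments; a '#'
    later on the line is part of the value. Directive names are
    case-insensitive, and URI may list several space-separated URIs.
    """
    conf = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        parts = line.split(None, 1)
        key = parts[0].upper()
        value = parts[1].strip() if len(parts) > 1 else ""
        conf.setdefault(key, []).append(value)
    return conf


def lint_tls(conf):
    """Return findings about settings that affect server-certificate checking."""
    findings = []
    # libldap's default for TLS_REQCERT is 'demand' (ldap.conf(5)).
    reqcert = conf.get("TLS_REQCERT", ["demand"])[-1].lower()
    if reqcert != "demand":
        findings.append(f"TLS_REQCERT is '{reqcert}': server certificate is not enforced")
    if "TLS_CACERT" not in conf and "TLS_CACERTDIR" not in conf:
        findings.append("no TLS_CACERT/TLS_CACERTDIR: server certificate cannot be validated")
    for uri in " ".join(conf.get("URI", [])).split():
        if uri.startswith("#"):
            findings.append(f"URI value '{uri}' is an inline comment, which ldap.conf does not support")
    return findings
```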

0 Answers