(And, before you
add TLSCipherSuite/TLS_CIPHER_SUITE back into to your OpenLDAP
configuration, you test with -cipher first.)
I wouldn't know what set of ciphers to use, I've tried the ones defined
by Apache (which works) and several examples from the internet. Nothing
works.
And, if that doesn't help, example other settings. You
should be able to translate your s_client/s_server success
to ldapsearch/slapd success. There is a direct relationship
between s_client/s_server options and ldapsearch/slapd
configuration options.
Well, in that case, I could say that the defaults work for
s_client/s_server and not for ldapsearch/slapd.