On Mon, 15 Oct 2012, Darouichi, Aziz wrote:
> TLS_CACERTDIR /opt/local/etc/openldap/cacert.pem
Not that I want to impose my filename conventions on you, but usually if I had a "cacert.pem" it would be a file, not a directory...and as such, it would be TLS_CACERT instead of TLS_CACERTDIR? Was this intentional?
If it is a directory and you're using OpenSSL, did you remember to do the OpenSSL directory hashing magic?
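
The two checks raised in this reply (file vs. directory, and hashed names in a CA directory), as an added example that is not part of the original message. It assumes a libldap built against OpenSSL; the function names check_ldap_ca and has_hash_links are hypothetical.

```shell
#!/bin/sh
# Added example: sanity-check TLS_CACERT / TLS_CACERTDIR lines in an ldap.conf.
# Assumption: libldap uses OpenSSL, which looks up CAs in a directory by
# hashed file names such as 9d66eef0.0 (created by c_rehash).

# Return 0 if directory $1 contains at least one <8 hex digits>.<n> entry.
has_hash_links() {
    for f in "$1"/*; do
        case ${f##*/} in
        [0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f][0-9a-f].[0-9]*)
            return 0 ;;
        esac
    done
    return 1
}

# Print one diagnostic per CA directive in $1; return 1 if any is inconsistent.
check_ldap_ca() {
    conf=$1
    rc=0
    while read -r key val rest || [ -n "$key" ]; do
        # ldap.conf keywords are case-insensitive
        case $(printf '%s' "$key" | tr '[:lower:]' '[:upper:]') in
        TLS_CACERT)
            if [ -d "$val" ]; then
                echo "TLS_CACERT points at a directory, use TLS_CACERTDIR: $val"; rc=1
            elif [ ! -f "$val" ]; then
                echo "TLS_CACERT file not found: $val"; rc=1
            else
                echo "ok: TLS_CACERT file $val"
            fi ;;
        TLS_CACERTDIR)
            if [ -f "$val" ]; then
                echo "TLS_CACERTDIR points at a file, use TLS_CACERT: $val"; rc=1
            elif [ ! -d "$val" ]; then
                echo "TLS_CACERTDIR directory not found: $val"; rc=1
            elif ! has_hash_links "$val"; then
                echo "TLS_CACERTDIR has no hashed names, run c_rehash: $val"; rc=1
            else
                echo "ok: TLS_CACERTDIR $val"
            fi ;;
        esac
    done < "$conf"
    return $rc
}
```

Call it as check_ldap_ca /path/to/ldap.conf; a non-zero exit status means at least one CA directive does not match what is on disk.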