[sudo-users] Sudo LDAP+TLS in 1.7.2

Tony G. tonysk8 at gmail.com
Tue Sep 21 12:02:27 EDT 2010

And now it is working :)

Looks like this version (1.7.2) ignores my line:
tls_cacertdir /etc/openldap/cacerts

I needed to add:
tls_cacertfile /etc/openldap/cacerts/ca.pem

Your suggestion of tls_cacert was not introduced until version 1.7.4:

   - Sudo now recognizes "tls_cacert" as an alias for "tls_cacertfile" in

I couldn't find any reference of change for tls_cacertdir in the changelog,
I wonder if this is expected or still a bug.

Thanks Todd for your suggestions.

On Tue, Sep 21, 2010 at 10:18 AM, Todd C. Miller <Todd.Miller at courtesan.com> wrote:

> Try adding the following line to /etc/ldap.conf:
> tls_cacert /etc/openldap/cacerts/ca.pem
> and see if it makes a difference.
>  - todd
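
Added example, not part of the original messages and not sudo's own code: a small Python check over ldap.conf text that encodes what this thread reports (tls_cacertdir alone not honoured on 1.7.2, tls_cacertfile working, tls_cacert accepted as an alias from 1.7.4). The function names, the sample configs and the host name ldap.example.test are constructed for illustration.

```python
# Lint ldap.conf text for the CA settings discussed in this thread.
# The rules encode what the thread reports, not sudo's documented contract.
ALIAS_SINCE = (1, 7, 4)  # changelog line quoted in the post: tls_cacert alias

def parse_ldap_conf(text):
    """Return {keyword_lowercased: value}; later lines override earlier ones."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and blank lines
        if not line:
            continue
        parts = line.split(None, 1)
        settings[parts[0].lower()] = parts[1].strip() if len(parts) > 1 else ""
    return settings

def check_ca_settings(text, sudo_version):
    """Return (effective CA file or None, list of findings)."""
    s = parse_ldap_conf(text)
    findings = []
    ca_file = s.get("tls_cacertfile")
    if "tls_cacert" in s:
        if sudo_version >= ALIAS_SINCE:
            ca_file = ca_file or s["tls_cacert"]
        else:
            findings.append("tls_cacert is not recognized before 1.7.4; "
                            "use tls_cacertfile")
    if ca_file is None:
        if "tls_cacertdir" in s:
            findings.append("only tls_cacertdir is set (reported ignored on "
                            "1.7.2); add tls_cacertfile")
        else:
            findings.append("no CA certificate configured for TLS")
    return ca_file, findings

# Constructed sample configs mirroring the thread.
BROKEN = """uri ldap://ldap.example.test
ssl start_tls
tls_cacertdir /etc/openldap/cacerts
"""
FIXED = BROKEN + "tls_cacertfile /etc/openldap/cacerts/ca.pem\n"
ALIAS = BROKEN + "tls_cacert /etc/openldap/cacerts/ca.pem\n"

if __name__ == "__main__":
    for name, conf in (("broken", BROKEN), ("fixed", FIXED), ("alias", ALIAS)):
        print(name, check_ca_settings(conf, (1, 7, 2)))
```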

