Hi,
Since I have upgraded to 25.1.9, LDAP auth server authentication fails with:
Error audit Could not startTLS on ldap connection [error:0200008A:rsa routines::invalid padding; Connect error]
Additional information:
* Previous working version: 25.1.8
* Backend LDAP server version: 2.5.13+dfsg-5 (Debian bookworm)
Tested from the OPNsense CLI:
* openssl s_client -starttls ldap -connect my_server_fqdn:389
---
No client certificate CA names sent
Peer signing digest: SHA256
Peer signature type: RSA-PSS
Server Temp Key: X25519, 253 bits
---
SSL handshake has read 4197 bytes and written 443 bytes
Verification: OK
---
New, TLSv1.3, Cipher is TLS_AES_256_GCM_SHA384
Server public key is 4096 bit
Secure Renegotiation IS NOT supported
Compression: NONE
Expansion: NONE
No ALPN negotiated
Early data was not sent
Verify return code: 0 (ok)
* ldapwhoami -H ldap://my_server_fqdn -ZZ -x -v
anonymous
Result: Success (0)
I use self-signed certificates on my LDAP server with:
Signature Algorithm: sha512WithRSAEncryption
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
Public-Key: (4096 bit)
Thanks in advance,