Hi, here is log after I try to redo cert but using hostname instead of IP Address.
BTW: I got this error instead "TLS: peer cert untrusted or revoked (0x42)"
ldap_err2string
But this error "ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)" still the same.
debian:/etc/ssl/CA# ldapsearch -d 255 -x
ldap_create
ldap_sasl_bind
ldap_send_initial_request
ldap_new_connection 1 1 0
ldap_int_open_connection
ldap_connect_to_host: TCP 192.168.1.192:389
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.1.192:389
ldap_pvt_connect: fd: 3 tm: -1 async: 0
ldap_close_socket: 3
ldap_int_open_connection
ldap_connect_to_host: TCP 192.168.1.192:636
ldap_new_socket: 3
ldap_prepare_socket: 3
ldap_connect_to_host: Trying 192.168.1.192:636
ldap_pvt_connect: fd: 3 tm: -1 async: 0
tls_write: want=93, written=93
0000: 16 03 02 00 58 01 00 00 54 03 02 4b 90 47 0f 06 ....X...T..K.G..
0010: a6 2f 8e cf 6a ae 2f 88 43 4d 79 de 4a 87 22 78 ./..j./.CMy.J."x
0020: 5e 84 52 8b 2b e3 35 83 42 77 6a 00 00 24 00 33 ^.R.+.5.Bwj..$.3
0030: 00 45 00 39 00 88 00 16 00 32 00 44 00 38 00 87 .E.9.....2.D.8..
0040: 00 13 00 66 00 2f 00 41 00 35 00 84 00 0a 00 05 ...f./.A.5......
0050: 00 04 01 00 00 07 00 09 00 03 02 00 01 .............
tls_read: want=5, got=5
0000: 16 03 02 00 4a ....J
tls_read: want=74, got=74
0000: 02 00 00 46 03 02 4b 90 47 0f b5 e8 7d 77 10 8e ...F..K.G...}w..
0010: e2 56 ed bc 5e f5 a3 00 2b 3a 2c 49 77 76 23 bb .V..^...+:,Iwv#.
0020: 39 5c 7e 8d c0 81 20 5e 3a 28 4f e7 4e 8a e3 35 9\~... ^
O.N..5
0030: ab 28 65 1b 3f 62 85 9f db 39 91 3b 51 b6 45 aa .(e.?b...9.;Q.E.
0040: 97 83 b8 3b f4 77 18 00 2f 00 ...;.w../.
tls_read: want=5, got=5
0000: 16 03 02 03 d9 .....
tls_read: want=985, got=985
0000: 0b 00 03 d5 00 03 d2 00 03 cf 30 82 03 cb 30 82 ..........0...0.
0010: 03 34 a0 03 02 01 02 02 01 01 30 0d 06 09 2a 86 .4........0...*.
0020: 48 86 f7 0d 01 01 05 05 00 30 81 80 31 0b 30 09 H........0..1.0.
0030: 06 03 55 04 06 13 02 74 68 31 0c 30 0a 06 03 55 ..U....th1.0...U
0040: 04 08 13 03 62 6b 6b 31 0c 30 0a 06 03 55 04 07 ....bkk1.0...U..
0050: 13 03 62 6b 6b 31 0e 30 0c 06 03 55 04 0a 13 05 ..bkk1.0...U....
0060: 77 65 62 6f 6e 31 0e 30 0c 06 03 55 04 0b 13 05 webon1.0...U....
0070: 77 65 62 6f 6e 31 16 30 14 06 03 55 04 03 13 0d webon1.0...U....
0080: 31 39 32 2e 31 36 38 2e 31 2e 31 39 32 31 1d 30 192.168.1.1921.0
0090: 1b 06 09 2a 86 48 86 f7 0d 01 09 01 16 0e 73 6f ...*.H........so
00a0: 6d 6f 40 77 65 62 6f 6e 2e 6e 65 74 30 1e 17 0d
mo@webon.net0...
00b0: 31 30 30 33 30 34 31 39 34 36 33 35 5a 17 0d 32 100304194635Z..2
00c0: 30 30 33 30 31 31 39 34 36 33 35 5a 30 81 80 31 00301194635Z0..1
00d0: 0b 30 09 06 03 55 04 06 13 02 74 68 31 0c 30 0a .0...U....th1.0.
00e0: 06 03 55 04 08 13 03 62 6b 6b 31 0c 30 0a 06 03 ..U....bkk1.0...
00f0: 55 04 07 13 03 62 6b 6b 31 0e 30 0c 06 03 55 04 U....bkk1.0...U.
0100: 0a 13 05 77 65 62 6f 6e 31 0e 30 0c 06 03 55 04 ...webon1.0...U.
0110: 0b 13 05 77 65 62 6f 6e 31 16 30 14 06 03 55 04 ...webon1.0...U.
0120: 03 13 0d 31 39 32 2e 31 36 38 2e 31 2e 31 39 32 ...192.168.1.192
0130: 31 1d 30 1b 06 09 2a 86 48 86 f7 0d 01 09 01 16 1.0...*.H.......
0140: 0e 73 6f 6d 6f 40 77 65 62 6f 6e 2e 6e 65 74 30 .somo@webon.net0
0150: 81 9f 30 0d 06 09 2a 86 48 86 f7 0d 01 01 01 05 ..0...*.H.......
0160: 00 03 81 8d 00 30 81 89 02 81 81 00 b8 71 a9 7e .....0.......q.~
0170: 2c f0 f9 d0 18 08 e5 87 6f 30 42 b9 d5 08 e6 4b ,.......o0B....K
0180: c3 58 c4 90 db b5 6b 4d a4 38 10 ec a5 02 da 6c .X....kM.8.....l
0190: 45 81 82 63 3f c2 1e 98 bb 45 40 ea 31 ca 6a 81 E..c?....E@.1.j.
01a0: e6 87 49 6c a3 e9 83 b8 1e 83 d2 3f 7f 2d 16 f3 ..Il.......?.-..
01b0: 86 eb 34 1b bd 58 6b b7 d2 d1 31 ec 9e 22 70 ee ..4..Xk...1.."p.
01c0: 56 db 1e 2a 73 55 c5 36 f8 dd 03 f9 c2 80 a9 af V..*sU.6........
01d0: 90 a5 1b 1c 9c 9b af 9c a3 3b 0d ae f6 7c 3a 7b .........;...|:{
01e0: f1 41 50 73 cc f0 7e f7 17 fe 78 67 02 03 01 00 .APs..~...xg....
01f0: 01 a3 82 01 51 30 82 01 4d 30 09 06 03 55 1d 13 ....Q0..M0...U..
0200: 04 02 30 00 30 11 06 09 60 86 48 01 86 f8 42 01 ..0.0...`.H...B.
0210: 01 04 04 03 02 06 40 30 34 06 09 60 86 48 01 86 ......@04..`.H..
0220: f8 42 01 0d 04 27 16 25 45 61 73 79 2d 52 53 41 .B...'.%Easy-RSA
0230: 20 47 65 6e 65 72 61 74 65 64 20 53 65 72 76 65 Generated Serve
0240: 72 20 43 65 72 74 69 66 69 63 61 74 65 30 1d 06 r Certificate0..
0250: 03 55 1d 0e 04 16 04 14 7b ab be 77 56 77 22 eb .U......{..wVw".
0260: 81 a2 95 db 9b e5 77 35 e2 ed 66 37 30 81 b5 06 ......w5..f70...
0270: 03 55 1d 23 04 81 ad 30 81 aa 80 14 5a 62 06 72 .U.#...0....Zb.r
0280: 81 b1 a3 74 69 c2 24 05 5f cb ec a2 c0 48 50 9a ...ti.$._....HP.
0290: a1 81 86 a4 81 83 30 81 80 31 0b 30 09 06 03 55 ......0..1.0...U
02a0: 04 06 13 02 74 68 31 0c 30 0a 06 03 55 04 08 13 ....th1.0...U...
02b0: 03 62 6b 6b 31 0c 30 0a 06 03 55 04 07 13 03 62 .bkk1.0...U....b
02c0: 6b 6b 31 0e 30 0c 06 03 55 04 0a 13 05 77 65 62 kk1.0...U....web
02d0: 6f 6e 31 0e 30 0c 06 03 55 04 0b 13 05 77 65 62 on1.0...U....web
02e0: 6f 6e 31 16 30 14 06 03 55 04 03 13 0d 31 39 32 on1.0...U....192
02f0: 2e 31 36 38 2e 31 2e 31 39 32 31 1d 30 1b 06 09 .168.1.1921.0...
0300: 2a 86 48 86 f7 0d 01 09 01 16 0e 73 6f 6d 6f 40 *.H........somo@
0310: 77 65 62 6f 6e 2e 6e 65 74 82 09 00 c1 d8 3b 34 webon.net.....;4
0320: cd e9 5d 6d 30 13 06 03 55 1d 25 04 0c 30 0a 06 ..]m0...U.%..0..
0330: 08 2b 06 01 05 05 07 03 01 30 0b 06 03 55 1d 0f .+.......0...U..
0340: 04 04 03 02 05 a0 30 0d 06 09 2a 86 48 86 f7 0d ......0...*.H...
0350: 01 01 05 05 00 03 81 81 00 c7 52 f7 54 6b 19 f4 ..........R.Tk..
0360: f0 48 66 b4 19 96 59 63 3f 65 82 81 26 98 94 43 .Hf...Yc?e..&..C
0370: 3b 62 22 cb 59 cc 4b 2d 01 fb 35 6b e2 08 bf b8 ;b".Y.K-..5k....
0380: 16 84 dc f5 fe 59 39 4d 98 87 8b 6c bf 91 2e 58 .....Y9M...l...X
0390: 49 b8 02 37 69 0f a3 34 e0 a5 16 aa fd 65 6f ca I..7i..4.....eo.
03a0: 28 ff 6e 6c 8a a4 27 82 4e e1 66 4d 6a 77 26 d5 (.nl..'.N.fMjw&.
03b0: 5a 6d 8f 18 03 8d be 31 ad fb 77 1a 68 34 86 ab Zm.....1..w.h4..
03c0: 4b 13 39 0f 1a 63 69 f9 06 e5 18 a7 1c c1 02 d7 K.9..ci.........
03d0: 13 90 92 6a 64 12 ad 27 dd ...jd..'.
tls_read: want=5, got=5
0000: 16 03 02 00 04 .....
tls_read: want=4, got=4
0000: 0e 00 00 00 ....
tls_write: want=139, written=139
0000: 16 03 02 00 86 10 00 00 82 00 80 33 a1 2c 78 f7 ...........3.,x.
0010: 3c 32 3f ab 10 2c 0a 1a cc f9 8b 4b dd 70 c3 e8 <2?..,.....K.p..
0020: 97 c6 97 fb 5c 3e f2 1e f8 ac 98 56 c4 09 fe 07 ....\>.....V....
0030: 67 45 b8 b5 61 fa 24 35 16 a1 a9 db 0e bb 93 e8 gE..a.$5........
0040: ef 6e 60 26 ad 50 94 c6 a9 4f 18 ce 7f 2e de 57 .n`&.P...O.....W
0050: 98 02 cb dd 1a 4b d8 f0 73 f8 0b f2 ba 53 4f 9b .....K..s....SO.
0060: 0c e7 a7 40 cf 85 a4 02 ed 79 68 85 35 77 62 ad ...@.....yh.5wb.
0070: 6a 16 f5 96 65 be 1a 02 67 ef c2 5d 35 f4 d7 5c j...e...g..]5..\
0080: a7 fb d0 a9 71 52 c8 a6 31 f3 b2 ....qR..1..
tls_write: want=6, written=6
0000: 14 03 02 00 01 01 ......
tls_write: want=133, written=133
0000: 16 03 02 00 80 e8 f8 73 0c 85 22 9e 5f 09 50 c7 .......s.."._.P.
0010: 96 a3 65 52 eb 06 66 d6 16 30 f7 b2 de ea 67 4a ..eR..f..0....gJ
0020: ef 57 cb bf c8 48 9e 38 1f 5c 37 e1 d9 15 15 38 .W...H.8.\7....8
0030: 10 af b4 18 74 02 f6 c7 bf 3f 66 f4 e1 78 2d af ....t....?f..x-.
0040: 53 6c 30 db 99 2e 3f 42 64 f4 e4 ff aa cf 9a 48 Sl0...?Bd......H
0050: ac 39 dd 56 95 fe e5 df b7 8c 0b da de 45 18 70 .9.V.........E.p
0060: cf 79 38 a8 11 89 df 43 09 fb 11 82 08 46 e5 74 .y8....C.....F.t
0070: b9 0c 36 dd 20 a9 26 1f 52 7c c8 16 fd 6b 12 6e ..6. .&.R|...k.n
0080: 02 a5 b0 66 f5 ...f.
tls_read: want=5, got=5
0000: 14 03 02 00 01 .....
tls_read: want=1, got=1
0000: 01 .
tls_read: want=5, got=5
0000: 16 03 02 00 f0 .....
tls_read: want=240, got=240
0000: ff 3d 0d 51 ed e3 bc df 0b 54 26 7f b1 90 8a 6d .=.Q.....T&....m
0010: 00 90 b3 66 65 98 4d 6b 5b 10 e6 fb e3 72 14 0d ...fe.Mk[....r..
0020: a3 ff 20 a3 dc a3 90 b2 a6 2e c1 21 c5 62 60 e5 .. ........!.b`.
0030: 29 18 72 b7 e4 3c ce 68 26 c5 6a 39 75 b8 e0 55 ).r..<.h&.j9u..U
0040: 37 8f c4 55 04 24 e0 3a 5f 3f 0b cd 98 44 ef 2f 7..U.$.:_?...D./
0050: b1 25 ad 2d 6a 82 97 5a b5 1e 89 b9 ef 45 7a ae .%.-j..Z.....Ez.
0060: 69 77 43 7a 88 af e2 7c 1c dd ec 32 cc 84 04 10 iwCz...|...2....
0070: 1a 7a ce bd e2 7d f0 cb 2e e4 71 0d ca 59 68 00 .z...}....q..Yh.
0080: 81 9d c4 a6 d4 5f 20 91 99 f5 e2 a9 fe 89 d1 d2 ....._ .........
0090: d0 66 88 cb 71 38 81 45 e9 b5 5f f9 14 8e a2 cb .f..q8.E.._.....
00a0: 5e 4d 68 4a 40 69 54 36 e4 5b 18 65 5e 8e bd 03 ^MhJ@iT6.[.e^...
00b0: 31 e6 db 59 7d 33 f3 a1 41 14 5b 91 77 63 61 f3 1..Y}3..A.[.wca.
00c0: 22 f6 91 1d 98 03 02 ff 5e e2 9f a2 09 7d da 19 ".......^....}..
00d0: e2 e1 70 54 a5 1f 07 3b da 89 c4 f4 e7 88 6c 33 ..pT...;......l3
00e0: 3e 51 fe a8 9c 07 95 97 86 9e 8a c7 53 d9 0f d9 >Q..........S...
TLS: peer cert untrusted or revoked (0x42)
ldap_err2string
ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1)