Just few minutes after posting to Fedora mailing, I’ve managed to find the solution to my problem with LDAP authentication in Fedora Linux Core 2. Murphy’s law in action. :)
It seems that there was an undocumented change in default behavior. File /etc/ldap.conf
(provided by nss_ldap) says:
# OpenLDAP SSL options # Require and verify server certificate (yes/no) # Default is "no" # tls_checkpeer yes
A simple change to:
# OpenLDAP SSL options # Require and verify server certificate (yes/no) # Default is "no" tls_checkpeer no
fixes the problem.