gnutls vs openssl with openldap, debian and centos

view story

http://serverfault.com – I have a Debian 6.0.5 server running openldap. It appears to be compiled against gnutls. I used gnutls' certtool to generate a self-signed certificate and I have used it on a few debian client machines to authenticate against the openldap server. However, when I try to do the same on a CentOS 6 client, I get the following error for ldapsearch: ldap_initialize( ) ldap_start_tls: Can't contact LDAP server (-1) additional info: TLS error -8101:Certificate type not approved for application. ldap_sasl_bind(SIMPLE): Can't contact LDAP server (-1) If I run gnutls-cli-debug (HowTos)