Even though ldap.conf(5) claims that LDAPTLS_CACERT takes precedence over LDAPTLS_CACERTDIR, this seems to be broken in F14. We're setting LDAPTLS_CACERT into the environment during admin password reset, which fails on F14.
This was fixed (or rather worked around) in 6a9846f
Post-pushing, simo proposed some improvements which I'm going to send separately - but closing this bug since the issue is no longer present in master.
Metadata Update from @jhrozek: - Issue assigned to jhrozek - Issue set to the milestone: FreeIPA 2.0 - 2010/11
Login to comment on this ticket.