If you recently installed this update:
gnutls26 (2.4.2-6+lenny2) stable-security; urgency=high * Non-maintainer upload by the Security Team. * Fixed CVE-2009-2730: a vulnerability related to NUL bytes in X.509 certificate name fields. (Closes: #541439) GNUTLS-SA-2009-4 -- Giuseppe Iuculano <iuculano@debian.org> Sun, 01 Nov 2009 21:29:06 +0100
and then found that your applications began failing to connect to your LDAP server, you may want to check that your SSL certificate is valid. Along with this update it seems that the default behaviour changed to being more strict. In my case I was using self-signed SSL certificates without the CA being available.
You can disable the verification if you don’t want it by adding:
TLS_REQCERT never
in /etc/ldap/ldap.conf on each client machine.