[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS not working with 2.0.14



On Thu, Sep 27, 2001 at 04:12:11PM -0700, Howard Chu wrote:
> Run your ldapsearch command with debugging turned up (-d127 is what I
> usually use) and look at the TLS log messages. The slapd debug messages
> indicate that there is no problem detected on the server end, so it
> must be the client.

Bingo.

    # ldapsearch -d127 -h clan ...
    ...
    TLS: hostname (clan) does not match common name in certificate (clan.XXX.org).

Changing the ldapsearch command line to

    # ldapsearch -h clan.XXX.org ...

worked.

Is that a bug, or should the tools be quite that specific?  Note that
the machine's hostname is clan.XXX.org.

N
-- 
FreeBSD: The Power to Serve             http://www.freebsd.org/
FreeBSD Documentation Project           http://www.freebsd.org/docproj/

          --- 15B8 3FFC DDB4 34B0 AA5F  94B7 93A8 0764 2C37 E375 ---

Attachment: pgp3g7fC4jskt.pgp
Description: PGP signature