On Thu, Sep 27, 2001 at 04:12:11PM -0700, Howard Chu wrote: > Run your ldapsearch command with debugging turned up (-d127 is what I > usually use) and look at the TLS log messages. The slapd debug messages > indicate that there is no problem detected on the server end, so it > must be the client. Bingo. # ldapsearch -d127 -h clan ... ... TLS: hostname (clan) does not match common name in certificate (clan.XXX.org). Changing the ldapsearch command line to # ldapsearch -h clan.XXX.org ... worked. Is that a bug, or should the tools be quite that specific? Note that the machine's hostname is clan.XXX.org. N -- FreeBSD: The Power to Serve http://www.freebsd.org/ FreeBSD Documentation Project http://www.freebsd.org/docproj/ --- 15B8 3FFC DDB4 34B0 AA5F 94B7 93A8 0764 2C37 E375 ---
Attachment:
pgp3g7fC4jskt.pgp
Description: PGP signature