[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS not working with 2.0.14

To: openldap-software@OpenLDAP.org
Subject: Re: TLS not working with 2.0.14
From: Nik Clayton <nik@FreeBSD.org>
Date: Fri, 28 Sep 2001 08:13:06 +0100
Content-disposition: inline
Organization: FreeBSD Project <URL:http://www.freebsd.org/>
User-agent: Mutt/1.2.5i

On Thu, Sep 27, 2001 at 04:12:11PM -0700, Howard Chu wrote:
> Run your ldapsearch command with debugging turned up (-d127 is what I
> usually use) and look at the TLS log messages. The slapd debug messages
> indicate that there is no problem detected on the server end, so it
> must be the client.

Bingo.

    # ldapsearch -d127 -h clan ...
    ...
    TLS: hostname (clan) does not match common name in certificate (clan.XXX.org).

Changing the ldapsearch command line to

    # ldapsearch -h clan.XXX.org ...

worked.

Is that a bug, or should the tools be quite that specific?  Note that
the machine's hostname is clan.XXX.org.

N
-- 
FreeBSD: The Power to Serve             http://www.freebsd.org/
FreeBSD Documentation Project           http://www.freebsd.org/docproj/

          --- 15B8 3FFC DDB4 34B0 AA5F  94B7 93A8 0764 2C37 E375 ---

Attachment: pgp3g7fC4jskt.pgp
Description: PGP signature

Prev by Date: Re: invalid credentials
Next by Date: Re: Problems with LDAPADD !!
Index(es):
- Chronological
- Thread