
TLS issue behind Cisco load balancer




       LDAP clients
  _________|______________________
 |__________LoadBalancer1_________|
   |             |             |
 ldapserver1  ldapserver2  ldapserver3


Have three LDAP servers behind a load balancer.  Certain client TLS requests seem to be failing, like "id -a username" and system logins.  However, using the ldapsearch command with the -Z option seems to work fine.  I am assuming the problem has to do with the load balancer's hostname not matching what is in the LDAP servers' certificate.  Have seen a couple of postings about using "subjectAltName" with the hostname of the load balancer in the certificate on the LDAP server.  Have not been able to include the subjectAltName successfully.

Not sure what else to try.

Gerry
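
An added example, not part of the original post: one way to build a certificate whose subjectAltName lists both a server's own name and the load balancer's name, then confirm with OpenSSL's hostname check which names it covers. The hostnames are placeholders, the certificate is a throwaway self-signed one (a real deployment would have a CA sign a request carrying the same extension), and `-addext` assumes OpenSSL 1.1.1 or later.

```shell
#!/bin/sh
# Constructed placeholder names; substitute the names clients actually connect to.
LB_NAME="ldap-lb.example.com"
SERVER_NAME="ldapserver1.example.com"

# make_san_cert DIR
# Write DIR/ldap.key and DIR/ldap.crt: a self-signed test certificate whose
# subjectAltName carries both the server name and the load balancer name.
# When a SAN with DNS entries is present, hostname checks use the SAN, not
# the CN, so the server's own name has to be listed there as well.
make_san_cert() {
    dir="$1"
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -keyout "$dir/ldap.key" -out "$dir/ldap.crt" \
        -subj "/CN=$SERVER_NAME" \
        -addext "subjectAltName=DNS:$SERVER_NAME,DNS:$LB_NAME" 2>/dev/null
}

# cert_matches_host CERT HOST
# Return 0 only if OpenSSL's hostname check accepts HOST for CERT.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" \
        | grep -q "does match certificate"
}

# Demo: report which names the generated certificate is valid for.
demo_dir=$(mktemp -d)
make_san_cert "$demo_dir"
for h in "$LB_NAME" "$SERVER_NAME" "other.example.com"; do
    if cert_matches_host "$demo_dir/ldap.crt" "$h"; then
        echo "$h: match"
    else
        echo "$h: NO match"
    fi
done
rm -rf "$demo_dir"
```

The same `cert_matches_host` check can be pointed at the certificate file already installed on each LDAP server to see whether the load balancer's name is covered.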