[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: tls key exchange
> | How can I get the hostname or maybe hostnames onto the cert? I was never
> | asked for it while generating the cert with CA.pl/openssl!
> |
>
> I mean the Subject's CN should be the hostname you are trying to connect
> to. Never used CA.pl before, but it is usually the only critical
> parameter ...
Which line is it in the openssl.cnf? And how do you create your server cert?
> Well, it still seems to be using a client cert, which is unnecessary.
> | .....
> | TLS trace: SSL_accept:error in SSLv3 read client certificate A
> | TLS trace: SSL_accept:error in SSLv3 read client certificate A
> | .....
> | connection_read(12): unable to get TLS client DN error=49 id=0
> | .....
> | TLS trace: SSL3 alert read:warning:close notify
> | .....
I didn't tell it to use a client cert. In this szenario I didn't even create
any client cert. What option is it in the config files?
Can you tell me your way to configure your ldap server to to things like
those I want it to do?
Thomas
--
+++ Jetzt WLAN-Router für alle DSL-Einsteiger und Wechsler +++
GMX DSL-Powertarife zudem 3 Monate gratis* http://www.gmx.net/dsl