Re: Multi-homed machine and TLS
On Wednesday, 15 September 2004 13:16, Imobach González Sosa wrote:
Ok, I know that only saying "it doesn't work" you could not help me much ;)...
so, here we go with some debugging output from ldapsearch (with -d1 flag):
######### Debug Begins
TLS trace: SSL_connect:before/connect initialization
TLS trace: SSL_connect:SSLv2/v3 write client hello A
TLS trace: SSL_connect:SSLv3 read server hello A
TLS certificate verification: depth: 1, err: 0, subject: /C=ES/ST=My
Province/L=My
City/O=ULPGC/OU=SIC/CN=ldap2.my.domain/emailAddress=hostmaster@my.domain,
issuer: /C=ES/ST=My Province/L=My
City/O=ULPGC/OU=SIC/CN=ldap2.my.domain/emailAddress=hostmaster@my.domain
TLS certificate verification: depth: 0, err: 0, subject: /C=ES/ST=My
Province/L=My
City/O=ULPGC/OU=SIC/CN=cname.my.domain/emailAddress=hostmaster@my.domain/subjectAltName=DNS:ldap2.sub.my.domain,DNS:ldap2.my.domain,
issuer: /C=ES/ST=My Province/L=My
City/O=ULPGC/OU=SIC/CN=ldap2.my.domain/emailAddress=hostmaster@my.domain
TLS trace: SSL_connect:SSLv3 read server certificate A
TLS trace: SSL_connect:SSLv3 read server done A
TLS trace: SSL_connect:SSLv3 write client key exchange A
TLS trace: SSL_connect:SSLv3 write change cipher spec A
TLS trace: SSL_connect:SSLv3 write finished A
TLS trace: SSL_connect:SSLv3 flush data
TLS trace: SSL_connect:SSLv3 read finished A
TLS: hostname (ldap2.sub.my.domain) does not match common name in certificate
(cname.my.domain).
ldap_perror
ldap_start_tls: Connect error (-11)
additional info: TLS: hostname does not match CN in peer certificate
######### Debug Ends
Thank you all.
--
Imobach González Sosa
Servicio de Informática y Comunicaciones de la ULPGC
e-mail: igonzalez@becarios.ulpgc.es
Phone: +34 928 459519
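
A triage of the trace above, as an added example that is not part of the original message: it re-joins the wrapped lines, parses the depth-0 subject, and shows that the requested hostname appears only in a subjectAltName attribute inside the subject DN while the CN is cname.my.domain. The function names are hypothetical, and the reading that those names were meant to be an X.509v3 subjectAltName extension is an assumption drawn from the subject string.

```python
import re

# Lines copied from the ldapsearch -d1 trace in the message above, still
# wrapped the way the mail client wrapped them.
TRACE = """\
TLS certificate verification: depth: 0, err: 0, subject: /C=ES/ST=My
Province/L=My
City/O=ULPGC/OU=SIC/CN=cname.my.domain/emailAddress=hostmaster@my.domain/subjectAltName=DNS:ldap2.sub.my.domain,DNS:ldap2.my.domain,
issuer: /C=ES/ST=My Province/L=My
City/O=ULPGC/OU=SIC/CN=ldap2.my.domain/emailAddress=hostmaster@my.domain
TLS: hostname (ldap2.sub.my.domain) does not match common name in certificate
(cname.my.domain).
"""

def join_wrapped(text):
    """Undo mail wrapping: every real record in this trace starts with 'TLS'."""
    records = []
    for line in text.splitlines():
        if line.startswith("TLS") or not records:
            records.append(line)
        else:
            records[-1] += " " + line
    return records

def leaf_subject(records):
    """Return the depth-0 (server) subject as (attribute, value) pairs.
    Assumes no '/' inside a value, which the one-line DN format cannot escape."""
    for rec in records:
        m = re.search(r"depth: 0, .*?subject: (/.*?),\s*issuer: ", rec)
        if m:
            return [tuple(p.split("=", 1)) for p in m.group(1).split("/")[1:]]
    return []

def triage(text):
    """Compare the hostname the client asked for with the names in the subject."""
    records = join_wrapped(text)
    subject = leaf_subject(records)
    cns = [v.lower() for t, v in subject if t == "CN"]
    # A subjectAltName printed inside the subject is a DN attribute, not the
    # X.509v3 extension (assumption: the extension was what was intended).
    in_dn = [n[4:].lower() for t, v in subject if t.lower() == "subjectaltname"
             for n in v.split(",") if n.startswith("DNS:")]
    hosts = [m.group(1).lower() for rec in records
             for m in [re.search(r"hostname \((\S+)\) does not match", rec)] if m]
    host = hosts[0] if hosts else None
    return {"requested": host, "cn": cns, "names_in_dn": in_dn,
            "cn_matches": host in cns, "only_listed_in_dn": host in in_dn and host not in cns}

if __name__ == "__main__":
    for key, value in triage(TRACE).items():
        print(f"{key}: {value}")
```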