[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP starts, but...





--On Tuesday, March 15, 2005 4:16 PM -0800 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:

At 03:53 PM 3/15/2005, Pupeno wrote:
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Noone replied anywhere, should I consider this a bug ?

You are free to consider it whatever you want to.

But the project won't consider it a bug in OpenLDAP Software
without sufficient evidence that it actually is a bug in
OpenLDAP Software.  Until you have some evidence, there
is no point in reporting a bug as such reports will be closed.

I suggest you test your certificates using purely
OpenSSL command line tools (e.g., s_client and s_server
talking to each other).  If they don't work there, they won't
work in OpenLDAP Software.   And if they don't work there,
you'd have something that the OpenSSL folks might actually
be able to help you with.  Until you have that working, there
is little point in discussions here.

The OpenSSL client/server work. The OpenSSL verify command with the trusted CA from cacert.org works.


However, using the openssl client to request the cert from his OpenLDAP server does not return a cert. Testing the same thing against my ldap servers returned a cert.

--Quanah



--
Quanah Gibson-Mount
Principal Software Developer
ITSS/Shared Services
Stanford University
GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html

"These censorship operations against schools and libraries are stronger
than ever in the present religio-political climate. They often focus on
fantasy and sf books, which foster that deadly enemy to bigotry and blind
faith, the imagination." -- Ursula K. Le Guin