[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL strangeness



Victor Mataré <matare@lih.rwth-aachen.de> writes:

> Dieter Kluenter wrote:
>> Victor Mataré <matare@lih.rwth-aachen.de> writes:
[...]
>>
>> The FQDN of the certificate is ldap.lih.rwth-aachen.de, but your
>> search URI is bussard.lih.rwth-aachen.de
>>
>> -Dieter
>>
> Yep, that's alright. The certificate contains multiple alternative CNs,
> one of which is bussard.lih.rwth-aachen.de. They're just not shown here,
> but the cert is definitely valid for that hostname, so that's not the
> cause of the problem. And even if it was, slapd shouldn't just hang. But
> thanks for looking carefully.

GnuTLS cannot handle the subjectAltName attribute, thus if eihter
client and/or server are linked with libgnutls it will cause such
problem. 

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E