[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: SSL strangeness
Dieter Kluenter wrote:
> Victor Mataré <matare@lih.rwth-aachen.de> writes:
>
>> Dieter Kluenter wrote:
>>> Victor Mataré <matare@lih.rwth-aachen.de> writes:
> [...]
>>>
>>> The FQDN of the certificate is ldap.lih.rwth-aachen.de, but your
>>> search URI is bussard.lih.rwth-aachen.de
>>>
>>> -Dieter
>>>
>> Yep, that's alright. The certificate contains multiple alternative CNs,
>> one of which is bussard.lih.rwth-aachen.de. They're just not shown here,
>> but the cert is definitely valid for that hostname, so that's not the
>> cause of the problem. And even if it was, slapd shouldn't just hang. But
>> thanks for looking carefully.
>
> GnuTLS cannot handle the subjectAltName attribute, thus if eihter
> client and/or server are linked with libgnutls it will cause such
> problem.
False.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/