[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Server certificate

To: openldap-technical@openldap.org
Subject: Re: Server certificate
From: Dieter Kluenter <dieter@dkluenter.de>
Date: Mon, 31 May 2010 17:32:49 +0200
In-reply-to: <4C03C2CF.1080304@ipfn.ist.utl.pt>
Organization: AVCI
References: <4C03C2CF.1080304@ipfn.ist.utl.pt>

Am Mon, 31 May 2010 15:08:15 +0100
schrieb Daniel Gomes <dgomes@ipfn.ist.utl.pt>:

> Hey there,
> 
> I've got a simple enough question: is it possible to use a
> certificate for TLS (through the TLSCertificateFile directive) on
> which the FQDN of the LDAP server is not on the CN but instead on the
> alternative name? I tried this, but I'm getting a "TLS init def ctx
> failed: -64" and I thought it might be because of this issue. I also
> couldn't find a list of the error numbers and their descriptions,
> making it harder for me to understand what's wrong...

add subjectAltname=DNS:alternate.host.my.domain
to the server certificate

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6

References:
- Server certificate
  - From: Daniel Gomes <dgomes@ipfn.ist.utl.pt>

Prev by Date: Server certificate
Index(es):
- Chronological
- Thread