[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Server certificate
- To: Daniel Gomes <dgomes@ipfn.ist.utl.pt>
- Subject: Re: Server certificate
- From: Frank Van Damme <frank.vandamme@gmail.com>
- Date: Mon, 31 May 2010 18:54:17 +0200
- Cc: openldap-technical@openldap.org
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:received:received:in-reply-to :references:date:message-id:subject:from:to:cc:content-type; bh=iTA/dm/8k7J4npBxfEay60ikXpQaalOGKXv/Wnt8oXo=; b=cBNk8RaXSWkn4sDhyK+AH+iReIg8TuKJzLKXwKOHWcRmTvsznC6NzntJPfCj9jvoSt +bicjgNA9ohizOtxThNH4xKi2GZD+bPx76pNNrkK9OolAYnOEapBcCAGK8e/6zLuTcc1 S4fj1M02w/Ro+3kP1y+oRU/WdoV9HFeAVUQfo=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :cc:content-type; b=ZxSZy6vqMUFOa9mDWtHggSNNg+MOFLlNr0Iv88DzytS1L5xZpu5V03CaRUuK0TYUem 928mNLOD+zFF1lIXhIMGnj4nQ4ovNC3+EiB1tW4glAaUw5ziovnxaTK4vdyDEmHsyuHN vDXceKDCU8AJ29FwO42spsNp7UkmTqunsnW1U=
- In-reply-to: <4C03C2CF.1080304@ipfn.ist.utl.pt>
- References: <4C03C2CF.1080304@ipfn.ist.utl.pt>
2010/5/31 Daniel Gomes <dgomes@ipfn.ist.utl.pt>:
> Hey there,
>
> I've got a simple enough question: is it possible to use a certificate for
> TLS (through the TLSCertificateFile directive) on which the FQDN of the LDAP
> server is not on the CN but instead on the alternative name? I tried this,
> but I'm getting a "TLS init def ctx failed: -64" and I thought it might be
> because of this issue. I also couldn't find a list of the error numbers and
> their descriptions, making it harder for me to understand what's wrong...
>
> Cheers,
>
> --
You can. Did that a few weeks ago.
--
Frank Van Damme
A: Because it destroys the flow of the conversation.
Q: Why is it bad?
A: No, it's bad.
Q: Should I top post in replies to mailing lists or on Usenet?