[Date Prev][Date Next] [Chronological] [Thread] [Top]

Strange behavior with TLS with self-signed certs

To: <openldap-technical@openldap.org>
Subject: Strange behavior with TLS with self-signed certs
From: Michael Starling <mlstarling31@hotmail.com>
Date: Thu, 6 Jan 2011 22:18:40 -0500
Importance: Normal

I'm running openldap-2.3.43-12.el5 on a RHEL 5.5 system:

I find that TLS will not work if I use uri ldap://10.3.5.207/ in /etc/ldap.conf on my clients.

TLS magically starts working if I use the deprecated host directive instead:

So if I use host 10.3.5.207 instead everything starts working:

Any insight as to what might be going on?..Possibly a bug?

Here are my TLS directives on my clients:

#TLS settings
ssl start_tls
ssl on
tls_cacertdir /etc/openldap/cacerts
tls_cacertfile /etc/openldap/cacerts/slapdcert.pem
tls_checkpeer no

-Mike

Follow-Ups:
- Re: Strange behavior with TLS with self-signed certs
  - From: Christ Schlacta <lists@aarcane.org>
- Re: Strange behavior with TLS with self-signed certs
  - From: Andreas Ntaflos <daff@pseudoterminal.org>

Prev by Date: Emergency recovery strategy needed by novice
Next by Date: Re: Strange behavior with TLS with self-signed certs
Index(es):
- Chronological
- Thread