[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: Mozilla NSS -- how to deploy intermediate certificate




-----Original Message-----
From: openldap-technical-bounces@OpenLDAP.org [mailto:openldap-technical-bounces@OpenLDAP.org] On Behalf Of Aaron Bennett
Sent: Friday, February 24, 2012 3:25 PM
To: richm@stanfordalumni.org
Cc: openldap-technical@openldap.org
Subject: RE: Mozilla NSS -- how to deploy intermediate certificate



From: Rich Megginson [mailto:rich.megginson@gmail.com] 
Sent: Friday, February 24, 2012 2:50 PM
To: Aaron Bennett
Cc: openldap-technical@openldap.org
Subject: Re: Mozilla NSS -- how to deploy intermediate certificate

>Is the ldapwhoami client on the same machine as the server?   What is the client TLS configuration?

 No.  If I run the ldapwhoami from the server it works correctly.  In this particular case, I'm running it from an Ubuntu 11.10 workstation.  Apache Directory Studio on Windows also throws a certificate error when trying to connect.  Likewise I have reports of failure to connect via PHP-Ldap from a third computer.

--------------

On other oddity about this is there are two boxes in play -- one's hostname is 'animal.clarku.edu' and the other is 'zoot.clarku.edu'; they are round-robin'd behind the hostname 'ds.clarku.edu.' However the cert I have installed on each box is for ds.clarku.edu.