[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS_REQCERT and no server certificate

To: Jan Synacek <jsynacek@redhat.com>
Subject: Re: TLS_REQCERT and no server certificate
From: Todd Lyons <tlyons@ivenue.com>
Date: Tue, 12 Nov 2013 05:26:43 -0800
Authentication-results: lunar.ivenue.com; dmarc=none header.from=ivenue.com
Cc: "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Dkim-filter: OpenDKIM Filter v2.8.4 lunar.ivenue.com rACDQh8N015531
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ivenue.com; s=dk2; t=1384262815; bh=tq7NqFy15Aauhle8tpVoVyP3rPMxEHU9Y087ISIpdtI=; h=In-Reply-To:References:Date:Subject:From:To:Cc; z=In-Reply-To:=20<5282041F.20801@redhat.com>|References:=20<5282041 F.20801@redhat.com>|Date:=20Tue,=2012=20Nov=202013=2005:26:43=20-0 800|Subject:=20Re:=20TLS_REQCERT=20and=20no=20server=20certificate |From:=20Todd=20Lyons=20<tlyons@ivenue.com>|To:=20Jan=20Synacek=20 <jsynacek@redhat.com>|Cc:=20"openldap-technical@openldap.org"=20<o penldap-technical@openldap.org>; b=WIGvHfCBJ5hsMBd9pDCt45Gjm7+EE31am4TrTH7ReXXmQ2vKyXmqwtciod43088S6 62Me1eBBMsFmBk16sxMOMx5YJj+axVxg/zyeH3Mrv19XkN77UUTQsz7aKgp3AXYyFs YsxJZ8FHbjHVQzNbSNxjIC6aGBfDgw4zK6HOFRQo=
In-reply-to: <5282041F.20801@redhat.com>
References: <5282041F.20801@redhat.com>

On Tue, Nov 12, 2013 at 2:34 AM, Jan Synacek <jsynacek@redhat.com> wrote:
> Is the manpage wrong or is there any other way I can test the client with no
> server certificate provided?

I forgot to answer the second part.  I just use accept.  With tcpdump,
you can verify if it is or is not using encryption.  It doesn't do
cert chain checking so it will accept self-signed certs.

...Todd
-- 
The total budget at all receivers for solving senders' problems is $0.
 If you want them to accept your mail and manage it the way you want,
send it the way the spec says to. --John Levine

Follow-Ups:
- Antw: Re: TLS_REQCERT and no server certificate
  - From: "Ulrich Windl" <Ulrich.Windl@rz.uni-regensburg.de>

References:
- TLS_REQCERT and no server certificate
  - From: Jan Synacek <jsynacek@redhat.com>

Prev by Date: Re: TLS_REQCERT and no server certificate
Next by Date: Re: RE24 testing call (OpenLDAP 2.4.38)
Index(es):
- Chronological
- Thread