[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Spurious Start TLS failed errors on proxyed bind OpenLDAP 2.4.40
Hi!
On Tue, Jan 22, 2019 at 06:42:52AM -0800, Quanah Gibson-Mount wrote:
> RedHat pursued linking OpenLDAP against MozNSS against the advice of the
> OpenLDAP foundation. We reluctantly included those patches in the 2.4
> series, but they were a constant source of problems. RedHat never disclosed
> to the OpenLDAP project why exactly they abandoned MozNSS and switched back
> to OpenSSL.
OK, thanks for the clarification.
> Regardless, you should at the least update to the latest RHEL7 version from
> RH to see if it offers any relief from the issue you are encountering. There
> are also alternatives to the RH build that you can use on RH, such as:
Yeah, we're looking to that already. Should've probably done that the first
thing, before asking on the list. Oh well.
> a) The Symas OpenLDAP for Linux packages (currently at 2.4.47). See
> <https://symas.com/linux-openldap-support-symas-corporation/>,
> <https://symas.com/linuxopenldap/>. These packages are provided for free,
> with the option of having paid support.
> b) The LTB project:
> <https://ltb-project.org/documentation/openldap-rpm#yum_repository>
> c) The Symas commercial version of OpenLDAP, which requires a support
> contract and has additional features: <https://symas.com/symasopenldap/>
Thanks for these suggestions as well.
Best,
Janne / Helsinki Uni