[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Using TLS/SSL with openldap 2.1.2

To: Dinesh Salegame <openldap-software@OpenLDAP.org>
Subject: Re: Using TLS/SSL with openldap 2.1.2
From: "Peter A. Savitch" <spam4octan@highway.ru>
Date: Fri, 19 Jul 2002 17:12:00 +0300
In-reply-to: <3D35CC62.C690A4EE@comneti.com>
Organization: RUNET.RU
References: <3D35CC62.C690A4EE@comneti.com>

Hello Dinesh,

Wednesday, July 17, 2002, 10:58:26 PM, you wrote:

DS> TLS certificate verification: depth: 1, err: 0, subject:
DS> /C=US/ST=ILLINOIS/L=Lis
DS> le/O=Comnet Int/OU=SUPPORT/CN=aptrain/Email=dvs@comneti.com, issuer:
DS> /C=US/ST=IL
DS> LINOIS/L=Lisle/O=Comnet Int/OU=SUPPORT/CN=aptrain/Email=dvs@comneti.com
DS> TLS certificate verification: depth: 0, err: 0, subject:
DS> /C=US/ST=ILLINOIS/O=Com
DS> net Int/OU=SUP/CN=aptrain/Email=dvs@comneti.com, issuer:
DS> /C=US/ST=ILLINOIS/L=Lis
DS> le/O=Comnet Int/OU=SUPPORT/CN=aptrain/Email=dvs@comneti.com

DS> ldap.conf
DS> host aptrain.comneti.com

DS> Is there any options that are missing ? I was able to use the openssl
DS> s_server and s_client to talk using the certificates in the slapd.conf.

Maybe You have misspelled host name in server certificate.
Try either to use full host name in server certificate, or unqualified
host name with the client. This does make sense for SSL as I know.

-- 
Best regards,
 Peter                            mailto:spam4octan@highway.ru

Follow-Ups:
- Re: Using TLS/SSL with openldap 2.1.2
  - From: Dinesh Salegame <dvs@comneti.com>

References:
- Using TLS/SSL with openldap 2.1.2
  - From: Dinesh Salegame <dvs@comneti.com>

Prev by Date: Re: ldapadd: missing value on line 3 (attr is objectClass: dcObject)
Next by Date: Re: which value does the attribute value of modifytimestamp and createtimestamp follow?
Index(es):
- Chronological
- Thread