[Date Prev][Date Next] [Chronological] [Thread] [Top]

TLS issue behind Cisco load balancer

To: <openldap-software@OpenLDAP.org>
Subject: TLS issue behind Cisco load balancer
From: "Morong, Gerry" <Gerry.Morong@hp.com>
Date: Wed, 15 Jan 2003 14:59:33 -0600
Content-class: urn:content-classes:message
Thread-index: AcK82QE3u1kA/hU7Ri+0e6Gb3S2jLQ==
Thread-topic: TLS issue behind Cisco load balancer

Title: TLS issue behind Cisco load balancer

LDAP clients

_________|______________________

|__________LoadBalancer1_________|

| | |

ldapserver1 ldapserver2 ldapserver3

Have three LDAP servers behind a load balancer. Certain client TLS requests seem to be failing like “id –a username” and system logins. However, using the ldapsearch command with the –Z options seems to work fine. I am assuming the problem has to do with load balancer’s hostname not matching what is in the ldap servers certificate. Have seen a couple of postings about using “subjectAltName” with the hostname of the load balancer in the certificate on the LDAP server. Have not been able to include the “subjectAltName” successfully.

Not sure what else to try.

Gerry

Follow-Ups:
- Re: TLS issue behind Cisco load balancer
  - From: Andrew Findlay <andrew.findlay@skills-1st.co.uk>

Prev by Date: Re: Solaris passwd
Next by Date: RE: Can't delete entry (renewed)
Index(es):
- Chronological
- Thread