[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: LDAP and SSL

To: Tony Earnshaw <tonye@billy.demon.nl>
Subject: Re: LDAP and SSL
From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
Date: Tue, 30 Nov 2004 11:26:14 -0500
Cc: Openldap list <openldap-software@OpenLDAP.org>
Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=ulsF1u+pM9p+8WtsFUhnzRUZVSkqRH1QA1EuRyQkn9AKXAaeiF8hFTvD5e45qkZvvoPqdymgyK0a3yVuH6629rJWCofkMKjDr+xbHe9X6MlSpJI+UwmDcJEkyal+e/IHOE9/zbxW0rUU9nxcCThleyombVBzYjul4NVkPW0ym6Y=
In-reply-to: <1101825984.874.19.camel@localhost>
References: <91f88ee204112810284d745e7f@mail.gmail.com> <Pine.OSX.4.58.0411282026360.387@spud.local> <91f88ee2041128183058dc0ae6@mail.gmail.com> <20041129152907.GA25263@mtholyoke.edu> <20041129185429.GD25565@mtholyoke.edu> <91f88ee20411291117141ece3b@mail.gmail.com> <91f88ee20411291128211545e@mail.gmail.com> <1101811667.30561.34.camel@localhost> <91f88ee2041130055298cc51d@mail.gmail.com> <1101825984.874.19.camel@localhost>

On Tue, 30 Nov 2004 15:46:25 +0100, Tony Earnshaw <tonye@billy.demon.nl> wrote:

> > Source/CN=debian.insecurity.org/emailAddress=webmaster@insecurity.org
> 
> Looks better:) You're doing the wrong test though, so you don't get to
> see the errnos. I don't believe for one minute that
> debian.insecurity.org's IP no. as resolved by gethostbyname() is
> 192.168.2.2 - I think it's 68.214.83.106:

So, even if I'm NOT doing internal tests over the public Internet
(everything so far has been private IPs) I *still* have to put the
public IP in this section:

subjectAltName=IP:192.168.2.2,DNS:debian.insecurity.org,DNS:*.insecurity.org,DNS:localhost.localdomain

Is that because the server can be "seen" over the public Internet?

-- 
WC -Sx- Jones
http://insecurity.org/

Follow-Ups:
- Re: LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Tony Earnshaw <tonye@billy.demon.nl>

References:
- LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Steve Revilak <srevilak@speakeasy.net>
- Re: LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Ron Peterson <rpeterso@mtholyoke.edu>
- Re: LDAP and SSL
  - From: Ron Peterson <rpeterso@mtholyoke.edu>
- Re: LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Tony Earnshaw <tonye@billy.demon.nl>
- Re: LDAP and SSL
  - From: Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>
- Re: LDAP and SSL
  - From: Tony Earnshaw <tonye@billy.demon.nl>

Prev by Date: Re: Proxy can answer but provides no data
Next by Date: bind: invalid dn
Index(es):
- Chronological
- Thread