[Date Prev][Date Next]
Re: (ITS#4072) Feature request: Don't list StartTLS (220.127.116.11.4.1.1466.20037) if not configured correctly
Howard Chu wrote:
> Michael Ströder wrote:
>> Howard Chu wrote:
>>> firstname.lastname@example.org wrote:
>>>> I'd like to propose that StartTLS (18.104.22.168.4.1.1466.20037) is not
>>>> listed in
>>>> rootDSE's attribute supportedExtension if TLS/SSL is not configured
>>> What does "not configured correctly" mean? E.g., if invalid files are
>>> used for the cert/key file options, ldap_pvt_tls_init_def_ctx() will
>>> fail, and slapd will refuse to startup. What other configurations are
>>> you concerned with?
>> Well, rather not configured at all but compiled with TLS support.
> I guess that makes sense. Done. Please test.
Seems to work especially with this particular client which failed to
connect before. Thanks!