[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#8917) OpenLDAP

To: openldap-its@OpenLDAP.org
Subject: Re: (ITS#8917) OpenLDAP
From: mhonek@redhat.com
Date: Fri, 21 Sep 2018 09:59:39 +0000
Auto-submitted: auto-generated (OpenLDAP-ITS)

Hi Nancy,

I'm not aware of RHEL7 shipping with OpenSSL-1.1, OpenLDAP is linked
with openssl-1.0.2 there.

Anyway, please report all issues related to TLS in OpenLDAP in Red Hat
products to Red Hat Support or Bugzilla, first.

Thanks!
Regards.
On Fri, Sep 21, 2018 at 11:21 AM <nanmor@126.com> wrote:
>
> Full_Name: Nancy Mo
> Version: openldap-clients-2.4.44-15.el7_5.x86_64
> OS: Redhat 7
> URL: ftp://ftp.openldap.org/incoming/
> Submission from: (NULL) (106.38.0.87)
>
>
> Hi team,
>
> Linux server is redhat7, and installed Openssl-1.1.1 which is support for
> TLS1.3&#12290;
> I tried to connect a LDAP server which is used TLS1.3, the openldap clien=
t
> connection failed, if the server setting change to TLS 1.2, it can connec=
ted
> successfully&#12290;
> By the way, use the openssl s_client -connect HOSTNAME.com:636, it will u=
se TLS
> 1.3, and connect successfully.
> In the ldap.conf, I have set two parameters&#65306;
>
> TLS_CACERTDIR /etc/openldap/certs
> TLS_REQCERT never
>
> Why the openldap client can not use TLS1.3?
>
> Thanks a lot.
>
> beat regards
>
> nancy
>


--=20
Mat=C3=BA=C5=A1 Hon=C4=9Bk
Software Engineer
Red Hat Czech

Prev by Date: (ITS#8917) OpenLDAP
Next by Date: Re: (ITS#8917) OpenLDAP
Index(es):
- Chronological
- Thread