
Re: (ITS#9014) OpenLDAP modifies user provided TLS certificate before sending it to client



--On Wednesday, April 24, 2019 6:43 PM +0000 hyc@symas.com wrote:

> siddjain@live.com wrote:
>>
>> could you send me output of running
>>
>> openssl version -a
>>
>> on your system? thanks
>
>> openssl version -a
> OpenSSL 1.1.1  11 Sep 2018
> built on: Tue Dec  4 13:15:09 2018 UTC
> platform: debian-amd64

I would also note that not all OpenLDAP builds use OpenSSL.  For example, 
OpenLDAP built on Debian/Ubuntu uses GnuTLS.  OpenLDAP built on some 
versions of RedHat 7 uses MozNSS.  Current RedHat 7 builds use OpenSSL but 
have an odd MozNSS bridge for backwards compatibility, and there may be all 
sorts of odd bugs in that.  Apple links OpenLDAP to its own custom SSL 
library.

So really your first step should be isolating what TLS/SSL library OpenLDAP 
is linked to in the environment you're using.

--Quanah



--

Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
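
One way to carry out the first step suggested in the message above on a Linux host, as an added example that is not part of the original thread: classify the TLS library from the `ldd` output of slapd, an LDAP client tool, or libldap. The function names and sample `ldd` lines are constructed, and the patterns assume the usual sonames (`libssl.so.*` for OpenSSL, `libgnutls.so.*` for GnuTLS, `libssl3.so`/`libnss3.so` for MozNSS).

```shell
#!/bin/sh
# Added example: identify which TLS library an OpenLDAP binary is linked to.

# Read `ldd` output on stdin and print each TLS backend found, one per line.
# NSS ships its TLS code as libssl3.so, which must not be mistaken for
# OpenSSL's libssl.so.<version>, so the two patterns are kept distinct.
classify_tls_backend() {
    awk '
        /libssl\.so/              { openssl = 1 }
        /libgnutls\.so/           { gnutls = 1 }
        /libssl3\.so|libnss3\.so/ { nss = 1 }
        END {
            if (openssl) print "OpenSSL"
            if (gnutls)  print "GnuTLS"
            if (nss)     print "MozNSS"
            if (!openssl && !gnutls && !nss) print "unknown"
        }'
}

# $1: path to slapd, ldapsearch or libldap (location varies by distribution).
# ldd lists transitive dependencies, so a client tool also reveals what
# libldap itself pulls in. Only run ldd on binaries you trust.
tls_backend_of() {
    ldd "$1" 2>/dev/null | classify_tls_backend
}

# Constructed sample ldd lines (not taken from a real system).
SAMPLE_GNUTLS='	libldap_r-2.4.so.2 => /usr/lib/x86_64-linux-gnu/libldap_r-2.4.so.2 (0x00007f0000000000)
	libgnutls.so.30 => /usr/lib/x86_64-linux-gnu/libgnutls.so.30 (0x00007f0000100000)'

SAMPLE_BRIDGE='	libssl.so.10 => /lib64/libssl.so.10 (0x00007f0000200000)
	libssl3.so => /lib64/libssl3.so (0x00007f0000300000)
	libnss3.so => /lib64/libnss3.so (0x00007f0000400000)'

# Usage: sh thisfile.sh /path/to/slapd
if [ "$#" -gt 0 ]; then
    tls_backend_of "$1"
fi
```

More than one line of output means the binary pulls in several TLS stacks, which is the situation the message describes for the RedHat 7 bridge builds.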