[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL and openldap 2.0.14

On Tue, Sep 11, 2001 at 02:15:38PM -0400, Justin Hahn wrote:
> > Are you using FQDN to connect to the server?
> Not always. The server is accessed through a couple CNAMEs as well... This
> seems to explain the behavior. 
> I wish the local portion of the domain name would work when the local domain
> is configured for a host. I.E. if my domain is localdomain.net and my ldap
> server is ldap00 I'd have expected it to fully qualify the name to
> ldap00.localdomain.net if I only specify ldap00 - but I can live with it if
> it won't.
> Oh well, a little network reconfiguration is due I guess.

If your configuration is correct, it should be able to resolve the
address of the server without using FQDN. So simply ldap00 should
work when not using SSL at least. I suppose the problem is that it
must match the common name of the certificate. For security reasons
I think it might be best to not rely on search path anyway.