
Re: Problem connecting to LDAP server with TLS when using the LDAP server IP address



On Fri, 10 Dec 2004 13:52:21 +0000, Dave Lewney <d.m.lewney@sussex.ac.uk> wrote:
> Nithya Balachandran wrote:
> > I have an application that is using OpenLDAP to communicate with a
> > Novell eDirectory LDAP server over TLS/SSL (Am not very sure of the

> You should read the OpenLDAP FAQ on using TLS/SSL
> (http://www.openldap.org/faq/data/cache/185.html) in which it states
> 
> "Remember that the Common Name for this cert should be the fully qualified
> domain name of the server"


A suggestion, if you are on a Private IP also (dual hosted) you need
to also set x509 Alternate NickNames for that host in openssl.cnf
BEFORE you create the SSL Request.

Just a suggestion.  :-)
-- 
WC -Sx- Jones
http://insecurity.org/
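
The suggestion above, as an added example that is not part of the original message: it assumes "x509 Alternate NickNames" means the X.509 subjectAltName extension, and it writes a minimal openssl.cnf, creates the request, and prints the names the request carries. The hostname, both IP addresses and the file names are constructed placeholders.

```shell
#!/bin/sh
# Added example: ldap.example.com, 192.0.2.10 and 10.0.0.10 are placeholders.
make_csr_with_san() {
    workdir=$1
    cat > "$workdir/openssl.cnf" <<'EOF'
[ req ]
prompt             = no
distinguished_name = dn
req_extensions     = v3_req

[ dn ]
# Common Name stays the server's fully qualified domain name, as the FAQ says.
CN = ldap.example.com

[ v3_req ]
subjectAltName = @alt_names

[ alt_names ]
DNS.1 = ldap.example.com
# One IP entry per address that clients connect to on the dual-homed host.
IP.1  = 192.0.2.10
IP.2  = 10.0.0.10
EOF
    # Create the key and the request; the SAN list is read from the config.
    openssl req -new -newkey rsa:2048 -nodes \
        -config "$workdir/openssl.cnf" \
        -keyout "$workdir/ldap.key" -out "$workdir/ldap.csr" 2>/dev/null || return 1
    # Print the SAN line so the request can be checked before it goes to the CA.
    openssl req -in "$workdir/ldap.csr" -noout -text |
        grep -A1 'Subject Alternative Name' | tail -n 1 | sed 's/^ *//'
}

tmp=$(mktemp -d)
make_csr_with_san "$tmp"
rm -rf "$tmp"
```

`openssl ca` and `openssl x509 -req` do not copy request extensions by default, so inspect the issued certificate with `openssl x509 -noout -text` to confirm the IP entries survived signing.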