RE: TLS bare minimum

["West, Jon (NIH/NIMH) [C]" <wjon@mail.nih.gov>]

my server is 'myserver.com' but I'm hosting the ldap domain 'NOTmyserver.com' (test.com in this case) I have to use myserver.com when creating the cert, not the ldap domain correct?


-----Original Message-----
From: Quanah Gibson-Mount [mailto:quanah@zimbra.com]
Sent: Tue 6/5/2007 6:36 PM
To: West, Jon (NIH/NIMH) [C]
Cc: openldap-software@openldap.org
Subject: RE: TLS bare minimum
 


--On June 5, 2007 6:28:11 PM -0400 "West, Jon (NIH/NIMH) [C]" 
<wjon@mail.nih.gov> wrote:

>
> yes, I've actually have it looking at the cert but I still get a
> connection error when using TLS I think I understand it
> ldap_start_tls: Connect error (-11)
>         additional info: TLS: hostname does not match CN in peer
> certificate I think this means is because I used 'test.com' as the server
> name when generating the cert rather then the actual server? test.com is
> just the test domain I am using

Hi,

Please keep replies to the list.

This error means that the host name in the certificate does not match the 
hostname for the server.  They must match to establish a TLS connection.

--Quanah

--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration