[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Strange TLS behaviour with slapd 2.3.30 on Debian Etch



Denis Sacchet <ouba@ouba.org> writes:

> Hello,
>
> I have a strange behaviour regarding TLS encryption with an LDAP
> server. Everything works like a charm for a while, and without any
> sign, the server begins to not respond for TLS traffic. As the server
> is partially open on internet, I force TLS, so it is very annoying for
> us.

[...]
> A trace of ldapsearch when there is the problem :
>
> ldapsearch  -D "uid=dsacchet,ou=accounts,dc=<hiddendomain>,dc=com" -h
> "ldap.<hiddendomain>.com" -ZZ -W -x -d 9 "(objectClass=*)"

You are connection to host ldap.domain.com

> /C=FR/ST=Lorraine/L=Nancy/O=<hiddencompany>/OU=<hiddencompany>/CN=smtp.<hiddendomain>.com/emailAddress=it@<hiddendomain>.com,

but the certificate is issued to host smtp.domain.com, a certificate
verification must fail.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://www.dkluenter.de
GPG Key ID:8EF7B6C6