[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL strangeness

Dieter Kluenter wrote:
Victor Mataré <matare@lih.rwth-aachen.de> writes:


I'm seeing some really weird behaviour when using ldaps:// on an
openldap-2.3.43 server. It's a Gentoo Linux box with
glibc-2.9_p20081201-r2 and openssl-0.9.8k. I have already recompiled
the entire system with gcc-4.3.4 (twice to be sure), with no
errors. First of all, ldapsearch -H ldaps://bussard.lih.rwth-aachen.de



The FQDN of the certificate is ldap.lih.rwth-aachen.de, but your
search URI is bussard.lih.rwth-aachen.de

Yep, that's alright. The certificate contains multiple alternative CNs,
one of which is bussard.lih.rwth-aachen.de. They're just not shown here,
but the cert is definitely valid for that hostname, so that's not the
cause of the problem. And even if it was, slapd shouldn't just hang. But
thanks for looking carefully.