Re: SSL strangeness

["Dieter Kluenter" <dieter@dkluenter.de>]

Howard Chu <hyc@symas.com> writes:

> Dieter Kluenter wrote:
>> Victor Mataré <matare@lih.rwth-aachen.de> writes:
>> 
>>> Dieter Kluenter wrote:
>>>> Victor Mataré <matare@lih.rwth-aachen.de> writes:
>> [...]
>>>>
>>>> The FQDN of the certificate is ldap.lih.rwth-aachen.de, but your
>>>> search URI is bussard.lih.rwth-aachen.de
>>>>
>>>> -Dieter
>>>>
>>> Yep, that's alright. The certificate contains multiple alternative CNs,
>>> one of which is bussard.lih.rwth-aachen.de. They're just not shown here,
>>> but the cert is definitely valid for that hostname, so that's not the
>>> cause of the problem. And even if it was, slapd shouldn't just hang. But
>>> thanks for looking carefully.
>> 
>> GnuTLS cannot handle the subjectAltName attribute, thus if eihter
>> client and/or server are linked with libgnutls it will cause such
>> problem. 
>
> False.

OK,
https://savannah.gnu.org/support/index.php?106975
has been fixed.

-Dieter

-- 
Dieter Klünter | Systemberatung
http://dkluenter.de
GPG Key ID:8EF7B6C6
53°37'09,95"N
10°08'02,42"E