[Date Prev][Date Next]
Re: problem with openldap ssl client
On Tuesday 08 July 2008 19:05:05 Sambuddho Chakravarty wrote:
> > > tls_cacertdir /etc/ldap/cacerts
> > > tls_cacertfile /etc/ldap/cacert/cacert.pem
> > > #server IP
> > > uri ldaps://220.127.116.11/
> > What is the subject CN on the certificate the server has?
> Subject CN is the servers's CN./ST/C/emailAddress/O/OU
I was meaning, you should provide the actual value. If it is not 18.104.22.168,
your certificate validation should work.
But, if you don't want help, don't post details that people need to help you.
> > So, what do you get if you try something like this:
> > $ openssl s_client -CAfile /etc/ldap/cacerts/cacert.pem -connect
> > 22.214.171.124:636
> > Does the CN attribute in the server certificate you get back match the
> > hostname in the URI?
> No. I check this .
No it doesn't match? It does match? Why don't you provide the actual output?
Or, don't you want help?