
Re: Multi-homed machine and TLS



On Wednesday, 15 September 2004 12:44, Dieter Kluenter wrote:
> It does work! My Server has the FQDN marin.l4b.de and the CNAME
> ldap.l4b.de and kerberos.l4b.de, the client certificate contains the
> subjectAltName=DNS: ldap.l4b.de localhost
> A search on host ldap.l4b.de is successful
>
> ,----[ success ]
>
> | ldapsearch -H ldap://ldap.l4b.de -b ou=benchmark,o=avci,c=de -ZZ
> | # search result
> | search: 6
> | result: 0 Success
> | # numResponses: 2
> | # numEntries: 1
>
> `----
>
> A search on host kerberos.l4b.de gives an error
>
> ,----[ wrong hostname ]
>
> | ldapsearch -H ldap://kerberos.l4b.de -b ou=benchmark,o=avci,c=de -ZZ
> | ldap_start_tls: Connect error (-11)
> |  additional info: TLS: hostname does not match CN in peer certificate
>
> `----
>
> So you might check your certificate.

Right, thank you. However, I don't know what to check ;) I mean that my 
certificates (I tested several) have a subjectAltName and a commonName... and 
the CN is always read. Any particular value in commonName?

Thanks.

-- 
Imobach González Sosa
Servicio de Informática y Comunicaciones de la ULPGC
e-mail: igonzalez@becarios.ulpgc.es
Phone: +34 928 459519
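
Added example, not part of the original thread and not OpenLDAP's code: a sketch of the name selection that RFC 2818 / RFC 6125 describe, where dNSName entries in subjectAltName are used if any exist and the commonName is consulted only when there are none. It assumes a certificate dict in the shape returned by Python's `ssl.SSLSocket.getpeercert()`; the function names, the CN value `marin.l4b.de` and the reading of the quoted subjectAltName as two DNS entries are assumptions made for illustration.

```python
"""Which certificate names is a hostname compared against? (added example)"""


def label_match(pattern, host):
    # Case-insensitive compare; "*" is honoured only as the whole leftmost
    # label and never for a two-label name such as "*.de".
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h


def candidate_names(cert):
    """Return (source, names): dNSName SAN entries if present, else the CN."""
    dns = [v for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if dns:
        return "subjectAltName", dns
    cns = [v for rdn in cert.get("subject", ())
           for k, v in rdn if k == "commonName"]
    return "commonName", cns


def check_host(cert, host):
    """Return (matched, source, names) so a mismatch shows what was compared."""
    source, names = candidate_names(cert)
    return any(label_match(n, host) for n in names), source, names


# Constructed samples modelled on the names quoted in the thread.
SAMPLE_CERT = {
    "subject": ((("commonName", "marin.l4b.de"),),),  # assumed CN
    "subjectAltName": (("DNS", "ldap.l4b.de"), ("DNS", "localhost")),
}
CN_ONLY_CERT = {"subject": ((("commonName", "marin.l4b.de"),),)}

if __name__ == "__main__":
    for host in ("ldap.l4b.de", "kerberos.l4b.de", "marin.l4b.de"):
        ok, source, names = check_host(SAMPLE_CERT, host)
        status = "match" if ok else "MISMATCH"
        print(f"{host:18} {status:9} via {source}: {names}")
```

Under these rules a name that appears only in the CN stops matching as soon as the certificate carries any dNSName entry, so every hostname clients connect with has to be listed in subjectAltName.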