Your message dated Sat, 09 Apr 2011 02:17:42 +0200
with message-id <[email protected]>
and subject line Re: Bug#621800: LDAP cert must use FQDN (as in DNS)
has caused the Debian Bug report #621800,
regarding LDAP cert must use FQDN (as in DNS)
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
621800: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621800
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: debian-edu-config
Version: 1.446~svn73153
Severity: minor
Tags: squeeze
Currently there occurs an error on testiuite/ldap-client when testing
the TLS certificate. The problem is caused by a mismatch in
certificate CN and hostname of the ldap server as in DNS/FQDN.
The hostname/FQDN in DNS (rev DNS resolve) must match the CN field.
For a default tjener setup (Main-Server) I thus recommend to default
the certs CN to tjener.intern and add the LDAP aliases as
subjectAltName fields.
Mike
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: [email protected], http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpvnWbAJbqSQ.pgp
Description: Digitale PGP-Unterschrift
--- End Message ---
--- Begin Message ---
On Sa 09 Apr 2011 01:59:15 CEST Mike Gabriel wrote:
Currently there occurs an error on testiuite/ldap-client when
testing the TLS certificate. The problem is caused by a mismatch in
certificate CN and hostname of the ldap server as in DNS/FQDN.
The hostname/FQDN in DNS (rev DNS resolve) must match the CN field.
For a default tjener setup (Main-Server) I thus recommend to default
the certs CN to tjener.intern and add the LDAP aliases as
subjectAltName fields.
this issue has been fixed in SVN commits:
http://svn.debian.org/wsvn/debian-edu/?op=comp&compare[]=%2F@73156&compare[]=%2F@73157
http://svn.debian.org/wsvn/debian-edu/?op=comp&compare[]=%2F@73157&compare[]=%2F@73158
--
DAS-NETZWERKTEAM
mike gabriel, dorfstr. 27, 24245 barmissen
fon: +49 (4302) 281418, fax: +49 (4302) 281419
GnuPG Key ID 0xB588399B
mail: [email protected], http://das-netzwerkteam.de
freeBusy:
https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfb
pgpkzLn9SeOmB.pgp
Description: Digitale PGP-Unterschrift
--- End Message ---
