Zicklag created DIRSTUDIO-1255:
----------------------------------
Summary: ApacheDS Does Not Send TLS HostSNI Extension Information
in Requests
Key: DIRSTUDIO-1255
URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1255
Project: Directory Studio
Issue Type: Bug
Components: studio-ldapservers
Affects Versions: 2.0.0-M15
Environment: Pop!_OS ( Ubuntu ) 20.04
Reporter: Zicklag
I have an LDAP server that is hosted behind a Traefik reverse proxy that is
used to generate trusted TLS certificates that are terminated before hitting
the LDAP server. The Traefik proxy uses the Host SNI TLS extension in order to
determine whether or not to route the request to the LDAP server or something
else, but ApacheDS Studio does not send the Host SNI data in its request which
means that Traefik cannot determine that the request is supposed to be routed
to the LDAP server.
Connecting to the LDAP server works fine using curl because curl sends the
server name data in its request. I used Wireshark to double-check the request
coming from ApacheDS Studio and verified that the server name extension was not
present on the TLS request.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
