fre, 19.03.2004 kl. 17.17 skrev Vincent Jaussaud: > > Seems to me that my LDAP server is refusing the self-signed cert > > provided by Evolution. > > Isn't the LDAP option > > 'TLSVerifyClient never' suppose to handle that ? > > > > Any workaround ? > > Actually, this is a registered bug. > See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=99554 > > But there doesn't seems to be any fix for that issue, appart from > downgrading to openldap 2.0 :-(
Hmmm ... there's no bug. I'm using Openldap 2.2.6 and Evo 1.4.5 and all the TLS stuff works perfectly. You're supposed to make your own (3) certs for the LDAP server: a server cert, a private key and a CA cert. You should use the CA cert (you can buy one instead from Verisign or another CA if you really want to) to sign the server certs. The server certs should be issued to the hostname of the ldap server that you get on Linux by doing 'hostname -f'. How to do the cert stuff you should be able to read at www.openssl.org. Certainly don't use any cert you got with Evo. --Tonni -- mail: billy - at - billy.demon.nl http://www.billy.demon.nl _______________________________________________ evolution maillist - [EMAIL PROTECTED] http://lists.ximian.com/mailman/listinfo/evolution
