Dear all,
I'm trying to set up a seemingly simple setup
having a box with openldap I want it to use TLS on both
internal and external hostnames/IPs
openldap was set up earlier and was/is working
I generate TLS certificate with SAN
everything seems working fine
but
when I ldapsearch on external fqdn/IP (which in the
certificate is the subjectAltName) search fails
whereas it succeeds on internal fqdn (which is the hostname/
CN in the certificate)
error is: additional info: TLS error -8157:Certificate
extension not found.
is such a scenario even possible? having very same DN being
served on more than one name via TLS?
best wishes