Am Sun, 4 Oct 2015 19:18:19 +0500 schrieb Aneela Saleem <[email protected]>:
> I have followed this link > <http://stackoverflow.com/questions/21488845/how-can-i-generate-a-self-signed-certificate-with-subjectaltname-using-openssl>. > I update openssl.cnf file manually and added the ip address of other > client machine. Then i generated ssl certificate. Now accessing > ldaps:// platalytics.com:636 from other client machine (i also have > added platalytics.com in /etc/hosts file) but unable to access it > from external ip address. What i'm missing now? Domain Name Service? Firewall? Routing Tables? -Dieter > > On Fri, Oct 2, 2015 at 5:35 PM, Aneela Saleem <[email protected]> > wrote: > > > Hi Michael, > > > > Thanks for explaining. I just so far performed server side > > validation using the link > > <http://www.openldap.org/faq/data/cache/185.html> > > > > Can you please guide me how can we perform client side > > verification? Means how to set subjectAltName extension? > > > > On Fri, Oct 2, 2015 at 4:10 PM, Michael Ströder > > <[email protected]> wrote: > > > >> Aneela Saleem wrote: > >> > What if i want to access LDAP from external source? how would it > >> recognize > >> > platalytics.com? > >> > >> Hope fully the client perfoms the TLS hostname check as defined in > >> RFC 6125. > >> > >> All hostnames and IP addresses used by clients have to be listed > >> in the subjectAltName extension. > >> > >> Ciao, Michael. > >> > >> > > -- Dieter Klünter | Systemberatung http://sys4.de GPG Key ID: E9ED159B 53°37'09,95"N 10°08'02,42"E
