On Tue, 2004-03-23 at 16:29, Tony Earnshaw wrote:
This is a server/openldap client exchange configuration error. The server and the client are attempting to exchange certs, and the server is saying that it can't accept the client cert because it doesn't recognize the client CA. Therefore the server has not been given the client CA in a form it can understand. However, we're not talking about Evo or any other MTA here. The "bug" (which isn't a bug, since it would long ago have been solved - late summer 2003) has to do with something called "SASL external", which as a whole only leads to misery. Forget SASL external.
I don't think I'm using it, although I'll double check.
Vincent. I can't help any further. Mine (and many others') works, yours doesn't. Further help in configuring Openldap software on the Openldap list (watch out for Big Daddy, who keeps on telling people they're OT if they do not expressly confine themselves to Openldap software); it's Big daddy's very own list.
Sure, I understand this is probably not evolution related. Many thanks for your help & time so far. I'll follow your advice, and dig a little with the openldap mailing lists. Thanks again. Regards,
Bottom line: If Openldap is configured correctly for SSL and/or TLS, Evo 1.4.5 TLS works, out of the box. Not just I, but several hundred/thousand others can attest to this ;)
Best, --Tonni
--
Vincent Jaussaud
Kelkoo.com Security Manager
email: tatooin kelkoo com
GPG key: 1024D/3BFE3FC7 2002-02-07
"Those who desire to give up freedom in order to gain security will not
have, nor do they deserve, either one."
-- President Thomas Jefferson. 1743-1826
Attachment:
signature.asc
Description: This is a digitally signed message part