Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem

From: Tony Earnshaw <tonye billy demon nl>
To: Evolution list <evolution lists ximian com>
Subject: Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
Date: Fri, 19 Mar 2004 23:19:49 +0100

fre, 19.03.2004 kl. 17.17 skrev Vincent Jaussaud:

Seems to me that my LDAP server is refusing the self-signed cert
provided by Evolution.
Isn't the LDAP option 
'TLSVerifyClient never' suppose to handle that ?

Any workaround ?


Actually, this is a registered bug.
See https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=99554

But there doesn't seems to be any fix for that issue, appart from
downgrading to openldap 2.0 :-(


Hmmm ... there's no bug. I'm using Openldap 2.2.6 and Evo 1.4.5 and all
the TLS stuff works perfectly. You're supposed to make your own (3)
certs for the LDAP server: a server cert, a private key and a CA cert.
You should use the CA cert (you can buy one instead from Verisign or
another CA if you really want to) to sign the server certs. The server
certs should be issued to the hostname of the ldap server that you get
on Linux by doing 'hostname -f'. How to do the cert stuff you should be
able to read at www.openssl.org. Certainly don't use any cert you got
with Evo.

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl

Follow-Ups:
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Tony Earnshaw
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud

References:
- [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Tony Earnshaw
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud
- Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem
  - From: Vincent Jaussaud

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]