Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem

On Mon, 2004-03-22 at 13:48, Tony Earnshaw wrote:

Evo's LDAP client doesn't need a cert and doesn't complain about
self-signed certs - not 1.4.x, anyway.

I agree, so I think the problem comes from openLDAP.

My slapd.conf is configured that way btw:
TLSCertificateFile /usr/share/ssl/certs/server.pem
TLSCertificateKeyFile /usr/share/ssl/certs/server.key
TLSVerifyClient never
TLSCACertificateFile    /usr/share/ssl/certs/mycompanyCA.pem
TLSCACertificatePath /usr/share/ssl/certs/

And it definitely works with Mozilla / Outlook, so there has to be
something to do with evo. 

Both Mozilla/Outlook knows about our company CA (eg, it is included in
their Trusting CA databases), while Evo do not.

But then, I don't understand what the "TLSVerifyClient never" option is
used for..

Thanks for the help.

Vincent Jaussaud Security Manager 
email: tatooin kelkoo com
GPG key: 1024D/3BFE3FC7 2002-02-07

"Those who desire to give up freedom in order to gain security will not
have, nor do they deserve, either one."
    -- President Thomas Jefferson.    1743-1826

Attachment: signature.asc
Description: This is a digitally signed message part

[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]