Re: [Evolution] evolution 1.4.5 + LDAP + TLS problem

[Tony Earnshaw <tonye billy demon nl>]

tir, 23.03.2004 kl. 11.14 skrev Vincent Jaussaud:

> Btw, what's your opinion about the bug registered in Redhat bugzilla ?
> https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=99554

I read it. Pretty dismal. The same "red thread" (as the Norwegians say)
goes through the whole thing:

TLS trace: SSL3 alert read:fatal:unknown CA
TLS trace: SSL_accept:failed in SSLv3 read client certificate A
TLS: can't accept.
TLS: error:14094418:SSL routines:SSL3_READ_BYTES:tlsv1 alert unknown ca
s3_pkt.c:1052

This is a server/openldap client exchange configuration error. The
server and the client are attempting to exchange certs, and the server
is saying that it can't accept the client cert because it doesn't
recognize the client CA. Therefore the server has not been given the
client CA in a form it can understand. However, we're not talking about
Evo or any other MTA here. The "bug" (which isn't a bug, since it would
long ago have been solved - late summer 2003) has to do with something
called "SASL external", which as a whole only leads to misery. Forget
SASL external.

Vincent. I can't help any further. Mine (and many others') works, yours
doesn't. Further help in configuring Openldap software on the Openldap
list (watch out for Big Daddy, who keeps on telling people they're OT if
they do not expressly confine themselves to Openldap software); it's Big
daddy's very own list.

Bottom line: If Openldap is configured correctly for SSL and/or TLS, Evo
1.4.5 TLS works, out of the box. Not just I, but several
hundred/thousand others can attest to this ;)

Best,

--Tonni

-- 

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl