Re: SOLVED: NSPR "Certificate type not approved for application" error when a TLS-enabled proxy LDAP OpenLDAP server connects to Fedora Directory Server

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Aleksander Adamowski wrote:
It seems that whenever certificate authentication is an allowed possibility on the FDS server side, OpenLDAP client tries using it even if it is operating inside an OpenLDAP server environment (in which case it supplies its server certificate as client's - thus the problem).
OpenLDAP client lib supplies the client cert which was configured for back-ldap. Check OpenLDAP's ldap.conf or slapd.conf and the relevant man-pages.
I think the problem is on OpenLDAP side (it shouldn't use its server certificate for client authentication when acting as an LDAP client).
I think the problem is with your particular configuration and the certs you're using. 

Ciao, Michael.

--
Fedora-directory-users mailing list
Fedora-directory-users@xxxxxxxxxx
https://www.redhat.com/mailman/listinfo/fedora-directory-users
[Index of Archives]     [Fedora Directory Users]     [Fedora Directory Devel]     [Fedora Announce]     [Fedora Legacy Announce]     [Kernel]     [Fedora Legacy]     [Share Photos]     [Fedora Desktop]     [PAM]     [Red Hat Watch]     [Red Hat Development]     [Big List of Linux Books]     [Gimp]     [Yosemite News]

  Powered by Linux