[Pkg-openldap-devel] Bug#462588: Bug#462588: Bug#462588: Bug#462588: Bug#462588: Bug#462588: Same problem
T.A. van Roermund
timo at van-roermund.nl
Tue Jan 29 23:42:01 UTC 2008
Quanah Gibson-Mount wrote:
> That would be a problem if "server-timo.van-roermud.nl" is not in
> subjectAltName for the certs.
I changed the certificate (self signed), it now looks like this (only
the relevant parts):
Certificate:
Data:
<cut>
Signature Algorithm: sha1WithRSAEncryption
Issuer: C=NL, ST=Noord-Brabant, L=Eindhoven, O=van-roermund.nl,
CN=van-roermund.nl/emailAddress=timo at van-roermund.nl
<cut>
Subject: C=NL, ST=Noord-Brabant, O=van-roermund.nl,
CN=van-roermund.nl/emailAddress=timo at van-roermund.nl
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (2048 bit)
<cut>
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
<cut>
X509v3 Subject Alternative Name:
DNS:van-roermund.nl, DNS:server-timo.van-roermund.nl,
DNS:www.van-roermund.nl, DNS:imap.van-roermund.nl,
DNS:smtp.van-roermund.nl, DNS:ftp.van-roermund.nl
So my FQDN ("server-timo.van-roermund", double checked with "hostname
-f") is now part of subjectAltName. However, it still doesn't work.
Regards,
Timo
More information about the Pkg-openldap-devel
mailing list