[Pkg-openldap-devel] Bug#517188: Only the first certificate in TLS_CACERT is used to verify the server certificate
Peter Marschall
peter at adpm.de
Tue Apr 27 10:24:17 UTC 2010
Package: libldap-2.4-2
Severity: normal
Hi,
with openLDAP 2.4.21 from unstable I cannot reproduce this bug.
My /etc/ldap/ldap.conf contains the line
TLS_CACERT /etc/ssl/certs/ca-certificates.crt
and my private CA certificate used to create the server & client certificates
for OpenLDAP (and other local services) is not listed first in
/etc/ssl/certs/ca-certificates.crt
Best regards
Peter
-- System Information:
Debian Release: squeeze/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable'), (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.32-4-amd64 (SMP w/2 CPU cores)
Locale: LANG=de_DE.UTF-8, LC_CTYPE=de_DE.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Versions of packages libldap-2.4-2 depends on:
ii libc6 2.10.2-6 Embedded GNU C Library: Shared lib
ii libgnutls26 2.8.6-1 the GNU TLS library - runtime libr
ii libsasl2-2 2.1.23.dfsg1-5 Cyrus SASL - authentication abstra
libldap-2.4-2 recommends no packages.
libldap-2.4-2 suggests no packages.
-- no debconf information
More information about the Pkg-openldap-devel
mailing list