reopen 419516
thanks
Hi
Thanks for the explanation as well, but it do not work still.
Either I need a way to disable certificate checking, or someone need
to explain to me exactly why the certificate check fails.
[EMAIL PROTECTED]:/etc/ssl/CA# ldapsearch -W -x -LLL -D
cn=admin,dc=opalsys,dc=net -H ldaps://ldap.opalsys.net -b dc=opalsys,dc=net -P3
-ZZ
ldap_start_tls: Can't contact LDAP server (-1)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
[EMAIL PROTECTED]:/etc/ssl/CA# ldapsearch -W -x -LLL -D
cn=admin,dc=opalsys,dc=net -H ldap://ldap.opalsys.net -b dc=opalsys,dc=net -P3
-ZZ
ldap_start_tls: Connect error (-11)
additional info: error:14090086:SSL
routines:SSL3_GET_SERVER_CERTIFICATE:certificate verify failed
The ldap certificate looks like this when printed:
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1 (0x1)
Signature Algorithm: md5WithRSAEncryption
Issuer: C=SE, ST=-, L=Karlstad, O=Ola Lundqvist systemkonsult,
CN=Certificate Authority/[EMAIL PROTECTED]
Validity
Not Before: Dec 29 18:45:05 2004 GMT
Not After : Dec 28 18:45:05 2009 GMT
Subject: C=SE, ST=-, L=Karlstad, O=opalsys.net,
CN=ldap.opalsys.net/[EMAIL PROTECTED]
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public Key: (1024 bit)
Modulus (1024 bit):
00:c5:9b:ae:06:23:03:00:3b:78:12:92:be:ae:36:
f8:4a:53:8c:16:b8:02:a0:b7:52:ee:87:b2:03:7b:
22:ca:fa:64:48:4a:a1:e1:55:89:fb:11:88:4b:0f:
ea:e3:a7:a7:06:ad:b3:12:15:99:05:69:d6:82:ac:
57:5f:44:17:07:4d:9b:3e:1f:0d:5c:94:fe:a3:58:
09:17:71:52:b7:95:ad:6a:36:3d:f2:d8:33:6d:60:
8b:4c:c7:c7:05:9b:a5:4d:06:64:c3:b5:10:38:7d:
ff:73:80:e5:59:d4:3f:7a:f1:82:0a:5e:4c:ac:6b:
f1:91:39:30:80:09:d7:a5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Basic Constraints:
CA:FALSE
Netscape Comment:
OpenSSL Generated Certificate
X509v3 Subject Key Identifier:
8E:7A:1F:F1:DC:C8:3D:AE:D3:0D:93:A0:17:F7:7C:FC:9F:2B:71:CD
X509v3 Authority Key Identifier:
keyid:82:91:2D:B2:F1:1E:7F:A4:FA:0F:33:AE:9A:6D:32:97:FC:26:34:F4
DirName:/C=SE/ST=-/L=Karlstad/O=Ola Lundqvist
systemkonsult/CN=Certificate Authority/[EMAIL PROTECTED]
serial:96:CF:56:AF:18:23:8F:19
Signature Algorithm: md5WithRSAEncryption
64:5c:1a:45:43:c2:82:a9:80:b9:55:0c:f4:5f:5b:49:27:cc:
fc:a8:25:7c:49:4a:bd:b3:47:22:fa:1c:7f:8c:e7:79:3a:e2:
a4:f6:1f:cc:12:d5:e3:6e:db:e0:0e:6b:e5:aa:69:52:c6:bd:
2a:07:c2:d0:e5:d3:cb:18:c3:3d:36:9b:64:fd:ca:70:9d:34:
0c:df:7a:a6:50:11:5e:99:fc:f5:84:b1:6d:ef:6d:64:53:48:
50:df:d5:40:ea:c8:e7:9b:ab:0c:e6:2d:0c:00:d4:88:d0:e1:
20:5f:d5:c1:20:16:16:13:5d:d4:8b:3d:22:cd:aa:3b:b9:6b:
94:95
Best regards,
// Ola
On Sat, Aug 04, 2007 at 06:45:07PM +0000, Debian Bug Tracking System wrote:
> This is an automatic notification regarding your Bug report
> #419516: Do not work with tls,
> which was filed against the phpldapadmin package.
>
> It has been closed by Fabio Tranchitella <[EMAIL PROTECTED]>.
>
> Their explanation is attached below. If this explanation is
> unsatisfactory and you have not received a better one in a separate
> message then please contact Fabio Tranchitella <[EMAIL PROTECTED]> by replying
> to this email.
>
> Debian bug tracking system administrator
> (administrator, Debian Bugs database)
>
> From: Fabio Tranchitella <[EMAIL PROTECTED]>
> To: [EMAIL PROTECTED]
> Subject: Re: Bug#419516: Do not work with tls
> X-Organization: Fabio Tranchitella: Torino (Italy), Pécs (Hungary)
> X-URL: http://www.tranchitella.it
> X-Operating-System: Debian GNU/Linux 4.0
> X-GPG-Keyserver: http://keyring.debian.org
> X-GPG-Keynumber: 0x7F961564
> X-GPG-Fingerprint: 5465 6E69 E559 6466 BF3D 9F01 2BF8 EE2B 7F96 1564
> X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
> (1.212-2003-09-23-exp) on rietz.debian.org
> X-Spam-Level:
> X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
> autolearn=no version=2.60-bugs.debian.org_2005_01_02
>
> * 2007-06-27 01:03, Adrian Bridgett wrote:
> > Just looking for another bug and thought I'd comment.
> > I have TLS working fine with 0.9.8.3-8.
>
> Thanks for your e-mail and explanation, I'm closing the bug report as the
> bug does not exist.
>
> Have a nice day,
>
> --
> Fabio Tranchitella http://www.kobold.it
> Free Software Developer and Consultant http://www.tranchitella.it
> _____________________________________________________________________
> 1024D/7F961564, fpr 5465 6E69 E559 6466 BF3D 9F01 2BF8 EE2B 7F96 1564
--
--------------------- Ola Lundqvist ---------------------------
/ [EMAIL PROTECTED] Annebergsslingan 37 \
| [EMAIL PROTECTED] 654 65 KARLSTAD |
| http://opalsys.net/ +46 (0)70-332 1551 |
\ gpg/f.p.: 7090 A92B 18FE 7994 0C36 4FE4 18A1 B1CF 0FE5 3DD9 /
---------------------------------------------------------------
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
