--On Wednesday, July 19, 2017 7:51 PM +0100 Brad <[email protected]>
wrote:
Thanks for the replies Michael and Quanah, appreciated.
Here's some log output showing the content of one of the failed entries:
cACertificate;binary: 308204423082032AA00302010202010...
cACertificate;binary: 3082039C30820284A00302010202010...
Looks like the repeated cACertificate attributes do actually have
different values.
May depend on the verification routines for CACertificate binary data. Do
the two CA's have the same subject line? I haven't dug into the code yet
to see how it does the comparison for these values, so it could be way off
base.
(Note: apologies for any duplicate messages, I'm having issues getting my
posts to register with the mailing list)
The list is moderated. It may just take a bit for a moderator to approve.
--Quanah
--
Quanah Gibson-Mount
Product Architect
Symas Corporation
Packaged, certified, and supported LDAP solutions powered by OpenLDAP:
<http://www.symas.com>
