Re: (ITS#6352) Not all certificates are read if the TLS_CACERTDIR contains broken links

28 Oct 2009


      steffen.gruner@basf.com wrote:
...
Full_Name: Steffen Gruner
Version: 2.3.43
OS: Gentoo Linux
URL:
Submission from: (NULL) (84.171.177.13)
If in the TLS_CACERTDIR (/etc/ssl/certs/ on by box) contains broken symbolic
links the ldapsearch command stops on the first broken link and doesn't use all
the other certificates.
This functionality is provided by the OpenSSL library; you should file this 
bug report with them. In the meantime, now you know yet another reason why we 
recommend using TLS_CACERT instead of TLS_CACERTDIR.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: (ITS#6352) Not all certificates are read if the TLS_CACERTDIR contains broken links