Re: TLS hostname check screwed up?

12 Aug 2009


      Michael Ströder wrote:
...
HI!
I'm using libldap of RE24 and have a problem with host name checking when
doing TLS.
OpenLDAP's debug output (real hostname exactly replaced by srv.domain.local):
------------------------------ snip ------------------------------
TLS: hostname (srv.domain.local.) does not match common name in certificate
(srv.domain.local).
------------------------------ snip ------------------------------
Is this because of the trailing dot?
Probably. The RFC requires an exact match, there's no exception for dots.
-- 
   -- Howard Chu
   CTO, Symas Corp.           http://www.symas.com
   Director, Highland Sun     http://highlandsun.com/hyc/
   Chief Architect, OpenLDAP  http://www.openldap.org/project/

2024

2023

2022

2021

2020

2019

2018

2017

2016

2015

2014

2013

2012

2011

2010

2009

2008

2007

2006

Re: TLS hostname check screwed up?