Do we need to have CA certificate/server key on other client machine as
well? If yes, then how can we achieve that?
On Sun, Oct 4, 2015 at 9:00 PM, Dieter Klünter <dieter(a)dkluenter.de> wrote:
Am Sun, 4 Oct 2015 19:18:19 +0500
schrieb Aneela Saleem <aneela(a)platalytics.com>:
> I have followed this link
> I update openssl.cnf file manually and added the ip address of other
> client machine. Then i generated ssl certificate. Now accessing
> ldaps:// platalytics.com:636 from other client machine (i also have
> added platalytics.com
in /etc/hosts file) but unable to access it
> from external ip address. What i'm missing now?
Domain Name Service? Firewall? Routing Tables?
> On Fri, Oct 2, 2015 at 5:35 PM, Aneela Saleem <aneela(a)platalytics.com>
> > Hi Michael,
> > Thanks for explaining. I just so far performed server side
> > validation using the link
> > <http://www.openldap.org/faq/data/cache/185.html>
> > Can you please guide me how can we perform client side
> > verification? Means how to set subjectAltName extension?
> > On Fri, Oct 2, 2015 at 4:10 PM, Michael Ströder
> > <michael(a)stroeder.com> wrote:
> >> Aneela Saleem wrote:
> >> > What if i want to access LDAP from external source? how would it
> >> recognize
> >> > platalytics.com?
> >> Hope fully the client perfoms the TLS hostname check as defined in
> >> RFC 6125.
> >> All hostnames and IP addresses used by clients have to be listed
> >> in the subjectAltName extension.
> >> Ciao, Michael.
Dieter Klünter | Systemberatung
GPG Key ID: E9ED159B