Re: SSL based ldap server
I have followed this link
<http://stackoverflow.com/questions/21488845/how-can-i-generate-a-self-sig...;.
I update openssl.cnf file manually and added the ip address of other client
machine. Then i generated ssl certificate. Now accessing ldaps://
platalytics.com:636 from other client machine (i also have added
platalytics.com in /etc/hosts file) but unable to access it from external
ip address. What i'm missing now?
On Fri, Oct 2, 2015 at 5:35 PM, Aneela Saleem <aneela(a)platalytics.com>
wrote:
Hi Michael,
Thanks for explaining. I just so far performed server side validation
using the link <http://www.openldap.org/faq/data/cache/185.html>
Can you please guide me how can we perform client side verification? Means
how to set subjectAltName extension?
On Fri, Oct 2, 2015 at 4:10 PM, Michael Ströder <michael(a)stroeder.com>
wrote:
> Aneela Saleem wrote:
> > What if i want to access LDAP from external source? how would it
> recognize
> > platalytics.com?
>
> Hope fully the client perfoms the TLS hostname check as defined in RFC
> 6125.
>
> All hostnames and IP addresses used by clients have to be listed in the
> subjectAltName extension.
>
> Ciao, Michael.
>
>
Attachments:
- attachment.htm (text/html — 2.1 KB)