Am Sun, 4 Oct 2015 19:18:19 +0500
schrieb Aneela Saleem <aneela(a)platalytics.com>:
I have followed this link
<
http://stackoverflow.com/questions/21488845/how-can-i-generate-a-self-sig...;.
I update openssl.cnf file manually and added the ip address of other
client machine. Then i generated ssl certificate. Now accessing
ldaps:// platalytics.com:636 from other client machine (i also have
added
platalytics.com in /etc/hosts file) but unable to access it
from external ip address. What i'm missing now?
Domain Name Service? Firewall? Routing Tables?
-Dieter
On Fri, Oct 2, 2015 at 5:35 PM, Aneela Saleem <aneela(a)platalytics.com>
wrote:
> Hi Michael,
>
> Thanks for explaining. I just so far performed server side
> validation using the link
> <
http://www.openldap.org/faq/data/cache/185.html>
>
> Can you please guide me how can we perform client side
> verification? Means how to set subjectAltName extension?
>
> On Fri, Oct 2, 2015 at 4:10 PM, Michael Ströder
> <michael(a)stroeder.com> wrote:
>
>> Aneela Saleem wrote:
>> > What if i want to access LDAP from external source? how would it
>> recognize
>> > platalytics.com?
>>
>> Hope fully the client perfoms the TLS hostname check as defined in
>> RFC 6125.
>>
>> All hostnames and IP addresses used by clients have to be listed
>> in the subjectAltName extension.
>>
>> Ciao, Michael.
>>
>>
>
--
Dieter Klünter | Systemberatung
http://sys4.de
GPG Key ID: E9ED159B
53°37'09,95"N
10°08'02,42"E