Bug 171814
Summary: | OpenLDAP 2.2 client with TLS can't access 2.0 server | | |
---|---|---|---|
Product: | Red Hat Enterprise Linux 4 | Reporter: | Jim Klossner <jklossner> |
Component: | openldap | Assignee: | Jan Safranek <jsafrane> |
Status: | CLOSED CANTFIX | QA Contact: | Jay Turner <jturner> |
Severity: | medium | Docs Contact: | |
Priority: | medium | | |
Version: | 4.0 | CC: | nalin, srevivo |
Target Milestone: | --- | | |
Target Release: | --- | | |
Hardware: | i386 | | |
OS: | Linux | | |
Whiteboard: | | | |
Fixed In Version: | | Doc Type: | Bug Fix |
Doc Text: | | Story Points: | --- |
Clone Of: | | Environment: | |
Last Closed: | 2007-06-21 08:33:56 UTC | Type: | --- |
Description
Jim Klossner
2005-10-26 19:14:34 UTC
Hmm. I wrote a test to try this, and it WORKSFORME. But I'm using TLS_CACERT rather than CACERTDIR. To use CACERTDIR, I have to name the certificate file something weird for openssl to find it. What happens if you try using CACERT instead of CACERTDIR?

The "something weird" is the X509_NAME_hash of the X509_NAME of the cert AFAICT (with a .0 stuck on the end). I can't say I really understand OpenSSL internals, but it looks like if the certificate file is named anything else, OpenSSL adds the certificate to its data structures, but then can't find it later when it attempts to reopen the certificate file later. Is your certificate file properly named?

Closing this bug as it was in NEEDINFO for a very long time without response from the reporter. If you can still reproduce the bug with the latest RHEL 4 update and using CACERT instead of CACERTDIR, please contact Red Hat support at http://redhat.com/support.
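
The naming requirement discussed in the comments above can be checked mechanically. The following is an added example, not part of the original bug report or of OpenLDAP: it reports which certificates in a CA directory lack the `<hash>.N` name that OpenSSL looks up. The function names `cert_hash` and `audit_cacertdir` are hypothetical; `openssl x509 -noout -hash` is the stock OpenSSL command.

```shell
#!/bin/sh
# Added example: audit a TLS_CACERTDIR for certificates OpenSSL cannot find.
# Usage (after sourcing this file): audit_cacertdir /path/to/cacertdir

# Subject-name hash (8 hex digits) as computed by the local openssl binary.
# The algorithm changed in OpenSSL 1.0.0, so run this with the same OpenSSL
# generation the LDAP client links against.
cert_hash() {
    openssl x509 -noout -hash -in "$1" 2>/dev/null
}

# Print one line per certificate found in directory $1:
#   OK <file> <hash>.N        a correctly named copy or link exists
#   MISSING <file> <hash>.N   no such entry; <hash>.N is the first free name
# Returns 0 when every certificate is reachable by hash, 1 otherwise.
audit_cacertdir() {
    dir=$1
    status=0
    for f in "$dir"/*; do
        [ -f "$f" ] || continue
        h=$(cert_hash "$f") || continue   # skip files that are not certificates
        [ -n "$h" ] || continue
        found=
        n=0
        # OpenSSL probes <hash>.0, <hash>.1, ... and stops at the first gap;
        # the suffix exists so that two subjects with the same hash can coexist.
        while [ -e "$dir/$h.$n" ]; do
            if cmp -s "$f" "$dir/$h.$n"; then
                found="$h.$n"
                break
            fi
            n=$((n + 1))
        done
        if [ -n "$found" ]; then
            echo "OK $(basename "$f") $found"
        else
            echo "MISSING $(basename "$f") $h.$n"
            status=1
        fi
    done
    return $status
}
```

A `MISSING` line names the symlink (or copy) to create in the directory so that a client using `TLS_CACERTDIR` can locate that CA certificate.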