[Pkg-openldap-devel] Bug#462588: Bug#462588: Bug#462588: Bug#462588: Bug#462588: Bug#462588: Bug#462588: Same problem

[Steve Langasek]

On Wed, Jan 30, 2008 at 12:42:01AM +0100, T.A. van Roermund wrote:


> So my FQDN ("server-timo.van-roermund", double checked with "hostname 
> -f") is now part of subjectAltName. However, it still doesn't work.

Please try setting 'TLSVerifyClient allow' in your slapd.conf, and let us
know whether that fixes the problem for you.

In my tests, I see that the default client certificate handling for 2.4.7
with GnuTLS does not match what's documented in the slapd.conf manpage; I
think we have another bug here that will need tracking down.

-- 
Steve Langasek                   Give me a lever long enough and a Free OS
Debian Developer                   to set it on, and I can move the world.
Ubuntu Developer                                    http://www.debian.org/
slangasek at ubuntu.com                                     vorlon at debian.org