Bug#570773: squeeze: LDAP connections using TLS do not work

To: 570773@bugs.debian.org
Subject: Bug#570773: squeeze: LDAP connections using TLS do not work
From: Petter Reinholdtsen <pere@hungry.com>
Date: Wed, 24 Feb 2010 13:01:39 +0100
Message-id: <20100224120139.GE29475@login1.uio.no>
Reply-to: Petter Reinholdtsen <pere@hungry.com>, 570773@bugs.debian.org
In-reply-to: <201002211327.19050.holger@layer-acht.org>
References: <201002211327.19050.holger@layer-acht.org>

[Holger Levsen]
> Something is wrong with the generation and/or with the distribution of the 
> LDAP SSL certificate. LDAP connections using TLS do not work.
> 
> Filing as serious as having LDAP configured out of the box is a core
> feature of Debian Edu.

I suspect the cause of my problems during testing is that I install on
a network where the 'ldap' DNS name already exist, causing the
installer to download the wrong server certificate to
/etc/ldap/ssl/ldap-server-pubkey.pem on the main server (it should be
copied from the local disk instead).  The certificate is then wrong
when I disconnect the main-server from the local network to test it
after installation.

If I am right, this problem will affect lenny installations too.

I have added some test code to testsuite/ldap-server in svn to detect
when that happen, and hope it will make it posible to verify my
suspicion.

Happy hacking,
-- 
Petter Reinholdtsen

Reply to:

References:
- Bug#570773: squeeze: LDAP connections using TLS do not work
  - From: Holger Levsen <holger@layer-acht.org>

Prev by Date: Bug#570781: squeeze: ldap preseeding needs to be updated
Next by Date: debian-edu-config_1.437~svn62926_i386.changes ACCEPTED
Previous by thread: Bug#570773: squeeze: LDAP connections using TLS do not work
Next by thread: Bug#570776: squeeze: NFS exports dont work
Index(es):
- Date
- Thread