Your message dated Sat, 09 Apr 2011 02:17:42 +0200 with message-id <20110409021742.15907k0lx1ginmw6@mail.das-netzwerkteam.de> and subject line Re: Bug#621800: LDAP cert must use FQDN (as in DNS) has caused the Debian Bug report #621800, regarding LDAP cert must use FQDN (as in DNS) to be marked as done. This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact owner@bugs.debian.org immediately.) -- 621800: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=621800 Debian Bug Tracking System Contact owner@bugs.debian.org with problems
--- Begin Message ---
- To: bugs@debian.org
- Subject: LDAP cert must use FQDN (as in DNS)
- From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Date: Sat, 09 Apr 2011 01:59:15 +0200
- Message-id: <20110409015915.12487hvw9j1wmjpv@mail.das-netzwerkteam.de>
Package: debian-edu-config Version: 1.446~svn73153 Severity: minor Tags: squeezeCurrently there occurs an error on testiuite/ldap-client when testing the TLS certificate. The problem is caused by a mismatch in certificate CN and hostname of the ldap server as in DNS/FQDN.The hostname/FQDN in DNS (rev DNS resolve) must match the CN field.For a default tjener setup (Main-Server) I thus recommend to default the certs CN to tjener.intern and add the LDAP aliases as subjectAltName fields.Mike -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfbAttachment: pgptuoHUbKZLS.pgp
Description: Digitale PGP-Unterschrift
--- End Message ---
--- Begin Message ---
- To: 621800-close@bugs.debian.org
- Subject: Re: Bug#621800: LDAP cert must use FQDN (as in DNS)
- From: Mike Gabriel <mike.gabriel@das-netzwerkteam.de>
- Date: Sat, 09 Apr 2011 02:17:42 +0200
- Message-id: <20110409021742.15907k0lx1ginmw6@mail.das-netzwerkteam.de>
- In-reply-to: <20110409015915.12487hvw9j1wmjpv@mail.das-netzwerkteam.de>
- References: <20110409015915.12487hvw9j1wmjpv@mail.das-netzwerkteam.de>
On Sa 09 Apr 2011 01:59:15 CEST Mike Gabriel wrote:Currently there occurs an error on testiuite/ldap-client when testing the TLS certificate. The problem is caused by a mismatch in certificate CN and hostname of the ldap server as in DNS/FQDN.The hostname/FQDN in DNS (rev DNS resolve) must match the CN field.For a default tjener setup (Main-Server) I thus recommend to default the certs CN to tjener.intern and add the LDAP aliases as subjectAltName fields.this issue has been fixed in SVN commits: http://svn.debian.org/wsvn/debian-edu/?op=comp&compare[]=%2F@73156&compare[]=%2F@73157 http://svn.debian.org/wsvn/debian-edu/?op=comp&compare[]=%2F@73157&compare[]=%2F@73158 -- DAS-NETZWERKTEAM mike gabriel, dorfstr. 27, 24245 barmissen fon: +49 (4302) 281418, fax: +49 (4302) 281419 GnuPG Key ID 0xB588399B mail: mike.gabriel@das-netzwerkteam.de, http://das-netzwerkteam.de freeBusy: https://mail.das-netzwerkteam.de/freebusy/m.gabriel%40das-netzwerkteam.de.xfbAttachment: pgp7nkekbhaui.pgp
Description: Digitale PGP-Unterschrift
--- End Message ---