[Fedora-directory-users] Hostname does not match CN....

George Holbert gholbert at broadcom.com
Mon Apr 3 15:33:40 UTC 2006


>
> [root@test]# ldapsearch -x -ZZ '(uid=testuser)'
> ldap_start_tls: Connect error (-11)
>         additional info: TLS:hostname does not match CN in peer certificate
>
>
> How can I solve ?

The server hostname you pass to ldapsearch must exactly match the CN in 
the certificate you signed for the server.

So, if you signed the certificate with a fully-qualified domain name
(e.g. ldaphost.example.com), use "-h ldaphost.example.com" instead of
"-h ldaphost".


Alex aka Magobin wrote:
> Hi,
> After successfully configuring replication between servers with your
> help, I am looking at configuring client authentication through the LDAP
> server... I have 2 questions:
>
> 1) Is it possible to add a user directly from Fedora DS as a POSIX user
> using groups from the server? I don't know if groups are integrated with
> the system... is it possible to add server groups to Fedora DS groups?
>
> 2) Reading the SSL howto, I exported the CA certificate to the client
> (Fedora Core 5) in /etc/openldap/cacerts... (some of the steps in the SSL
> howto are automatically generated by Fedora Core 5, such as installing in
> the cacerts directory in x509 mode) but when I try to check if SSL is
> enabled the answer is:
>
> [root@test]# ldapsearch -x -ZZ '(uid=testuser)'
> ldap_start_tls: Connect error (-11)
>         additional info: TLS:hostname does not match CN in peer certificate
>
>
> How can I solve ?
>
> Alex
>
>
>   
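The name check discussed in this thread can be reproduced offline with the openssl command line. This is an added example, not part of the original messages: the certificate is a throwaway one constructed here with CN ldaphost.example.com (the name used in the reply), and the function names are hypothetical.

```shell
#!/bin/sh
# Added example: compare the name a client connects with against the name in
# a server certificate, which is the check "ldapsearch -ZZ" failed above.

# Create a throwaway self-signed certificate (constructed sample, not the
# poster's certificate) with subject CN $1 and write it to file $2.
make_sample_cert() {
    key=$(mktemp) || return 1
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$1" -keyout "$key" -out "$2" 2>/dev/null
    rc=$?
    rm -f "$key"
    return $rc
}

# Print the subject line (including the CN) of the certificate in file $1.
cert_subject() {
    openssl x509 -in "$1" -noout -subject
}

# Succeed only if hostname $2 matches the certificate in file $1.
# "openssl x509 -checkhost" reports its verdict as text, so test the text.
cert_matches_host() {
    openssl x509 -in "$1" -noout -checkhost "$2" |
        grep -q "does match certificate"
}

# Try the short name and the fully-qualified name against the same cert.
demo() {
    cert=$(mktemp) || return 1
    make_sample_cert ldaphost.example.com "$cert" || return 1
    cert_subject "$cert"
    for name in ldaphost ldaphost.example.com; do
        if cert_matches_host "$cert" "$name"; then
            echo "-h $name: matches certificate"
        else
            echo "-h $name: does NOT match certificate"
        fi
    done
    rm -f "$cert"
}
demo
```

To run the same check against a real server, save its certificate to a PEM file first and pass that file to cert_matches_host together with the exact name given to -h.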




