[389-users] Cert check in replication ?
Emmanuel BILLOT
emmanuel.billot at ird.fr
Thu Jun 4 08:47:06 UTC 2009
Emmanuel BILLOT a écrit :
> Hi,
>
> On Sun, 17 May 2009 i posted a message about DNS name check in
> replication between FDS servers.
>
> It seems that the name which the certificate gives is not checked (one
> can give any DNS hostname, replication works).
> We also had this behaviour this on S1DS on Solaris 9.
>
> However, on RHDS, here is the error message :
>
> [04/Jun/2009:09:53:28 +0200] slapi_ldap_bind - Error: could not send
> bind request for id [cn=replication manager,cn=config] mech [SIMPLE]:
> error 81 (Can't contact LDAP server) -12276 (Unable to communicate
> securely with peer: requested domain name does not match the server's
> certificate.) 11 (Resource temporarily unavailable)
>
> Both FDS and RHDS have been configured with the same config.
> The only way we found different is the OS (Centos for FDS, RHEL5 for
> RHDS, Solaris 9 for S1DS).
>
> Does anyone can found any explication ?
>
Ok seems that RHDS as the checks DNS option by default.
--
==========================================
Emmanuel BILLOT
IRD - Orléans
Délégation aux Systèmes d'Information (DSI)
tél : 02 38 49 95 88
==========================================
More information about the Fedora-directory-users
mailing list