<html>
  <head>
    <meta content="text/html; charset=ISO-8859-1"
      http-equiv="Content-Type">
  </head>
  <body bgcolor="#FFFFFF" text="#000000">
    On 03/08/2012 05:33 AM, Martin Kosek wrote:
    <blockquote
      cite="mid:1331210027.11911.0.camel@balmora.brq.redhat.com"
      type="cite">
      <pre wrap="">New version of openldap (openldap-2.4.26-6.fc16.x86_64) changed its
ABI and broke our TLS connection in ipa-replica-manage. This makes
it impossible to connect for example to Active Directory to set up
a winsync replication. We always receive a connection error stating
that Peer's certificate is not recognized even though we pass
a correct certificate.

This patch fixes the way we set up TLS. The change is backwards
compatible with older versions of openldap.

<a class="moz-txt-link-freetext" href="https://fedorahosted.org/freeipa/ticket/2500">https://fedorahosted.org/freeipa/ticket/2500</a></pre>
    </blockquote>
    ack<br>
    <blockquote
      cite="mid:1331210027.11911.0.camel@balmora.brq.redhat.com"
      type="cite">
      <pre wrap="">

</pre>
      <br>
      <fieldset class="mimeAttachmentHeader"></fieldset>
      <br>
      <pre wrap="">_______________________________________________
Freeipa-devel mailing list
<a class="moz-txt-link-abbreviated" href="mailto:Freeipa-devel@redhat.com">Freeipa-devel@redhat.com</a>
<a class="moz-txt-link-freetext" href="https://www.redhat.com/mailman/listinfo/freeipa-devel">https://www.redhat.com/mailman/listinfo/freeipa-devel</a></pre>
    </blockquote>
    <br>
  </body>
</html>