directory-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Richard U <richard.u.s...@gmail.com>
Subject TLS: hostname does not match common name in certificate (apacheds).
Date Tue, 14 Jan 2014 03:45:15 GMT
I have setup ApacheDS to use StartTLS and I can connect to it without
problem from Apache Directory Studio using the encryption method "Use
StartTLS extension" without problem.
I am not trying to configure my Ubuntu client to LDAP bind with this
ApacheDS server for user authentication.  I can bind without encryption.
 But when I setup to use "ssl start_tls" in my ldap.conf file, I got the
following error message

TLS: hostname (....) does not match common name in certificate (apacheds).

I have appended the "userCertificate" of "uid=admin,ou=system" to
/etc/ssl/certs/ca-certificate.

I know that I can resolve this by setting the record for "apacheds" to
refer to the server IP address in /etc/hosts.  However, this is not I want.
 I want to use the full domain name to connect to the server.

What is the right way to approach this problem?  Shall I replace the
"userCertificate" value with another certificate?  How to achieve that?
 Also, the certificate shown in this field expire in 1 year?  How shall we
maintain it?

Sorry, I am new to using certificates.  Thanks for answering my question.

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message