-
Bug
-
Resolution: Won't Do
-
Major
-
None
-
httpd 2.4.6 CR1
-
None
-
Release Notes
Known issue...
-
LDAP with an SSL connection fails. The handshake fails due to the TLS/SSL exception. The "insufficient SSL security" error is thrown in the test suite.
These exceptions are raised in the Apache log (error_log):
...
TLS: certificate [CN=dhcp-4-207.brq.redhat.com,OU=Directory,O=ASF,C=US] is not valid - error -8181:Peer's Certificate has expired..
TLS: certificate [CN=dhcp-4-207.brq.redhat.com,OU=Directory,O=ASF,C=US] is not valid - error -8179:Peer's Certificate issuer is not recognized..
TLS: error: connect - force handshake failure: errno 13 - moznss error -12156
TLS: can't connect: TLS error -12156:The server certificate included a public key that was too weak..
...
and
... [Tue Apr 12 07:47:07.065745 2016] [authnz_ldap:info] [pid 12723] [client 127.0.0.1:33855] AH01695: auth_ldap authenticate: user hnelson authentication failed; URI /ldap-status [LDAP: ldap_simple_bind() failed][Can't contact LDAP server] ...
The problem is with the NSS library, where old versions are able to work with a secured connection without an explicit certificate definition. The second problem is why the "default" certificate refers to "dhcp-4-207.brq.redhat.com": this is not the name of the computer where the test is running, and the name is the same on different test machines.
- relates to
-
JWS-360 LDAP authentized connection with mod_authnz_ldap SSL connection not estabilished
- Closed
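
Added example (not part of the original report, and not code from httpd or NSS): a Python triage pass over the error_log lines quoted above. It groups the NSS certificate errors by subject DN, picks up the AH01695 bind failure they lead to, and flags a subject CN that does not match the host under test. The function name `triage`, the `expected_host` parameter and the value `testhost.example.com` are assumptions; the log sample is constructed from the lines in the report.

```python
import re
from collections import defaultdict

# Constructed sample: the error_log lines quoted in the report.
SAMPLE_LOG = """\
TLS: certificate [CN=dhcp-4-207.brq.redhat.com,OU=Directory,O=ASF,C=US] is not valid - error -8181:Peer's Certificate has expired..
TLS: certificate [CN=dhcp-4-207.brq.redhat.com,OU=Directory,O=ASF,C=US] is not valid - error -8179:Peer's Certificate issuer is not recognized..
TLS: error: connect - force handshake failure: errno 13 - moznss error -12156
TLS: can't connect: TLS error -12156:The server certificate included a public key that was too weak..
[Tue Apr 12 07:47:07.065745 2016] [authnz_ldap:info] [pid 12723] [client 127.0.0.1:33855] AH01695: auth_ldap authenticate: user hnelson authentication failed; URI /ldap-status [LDAP: ldap_simple_bind() failed][Can't contact LDAP server]
"""

CERT_RE = re.compile(r"TLS: certificate \[(?P<dn>[^\]]+)\] is not valid - error (?P<code>-\d+):(?P<msg>.*?)\.*$")
CONNECT_RE = re.compile(r"TLS: can't connect: TLS error (?P<code>-\d+):(?P<msg>.*?)\.*$")
AUTH_RE = re.compile(r"AH01695: auth_ldap authenticate: user (?P<user>\S+) authentication failed; URI (?P<uri>\S+)")


def triage(log_text, expected_host):
    """Group NSS certificate errors by subject DN and collect LDAP auth failures."""
    certs = defaultdict(list)  # subject DN -> [(nss_code, message), ...]
    connect_errors, auth_failures = [], []
    for line in log_text.splitlines():
        if m := CERT_RE.search(line):
            certs[m["dn"]].append((int(m["code"]), m["msg"]))
        elif m := CONNECT_RE.search(line):
            connect_errors.append((int(m["code"]), m["msg"]))
        elif m := AUTH_RE.search(line):
            auth_failures.append((m["user"], m["uri"]))
    # Naive DN split (no escaped commas); enough for the DNs in this log.
    mismatched = sorted(
        dn for dn in certs
        if dict(p.split("=", 1) for p in dn.split(",")).get("CN", "").lower()
        != expected_host.lower()
    )
    return {"certs": dict(certs), "connect_errors": connect_errors,
            "auth_failures": auth_failures, "cn_mismatch": mismatched}


if __name__ == "__main__":
    # expected_host is an assumed placeholder for the machine under test.
    result = triage(SAMPLE_LOG, "testhost.example.com")
    for dn, errors in result["certs"].items():
        print(dn, errors)
    print("connect errors:", result["connect_errors"])
    print("auth failures:", result["auth_failures"])
    print("CN does not match host:", result["cn_mismatch"])
```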