Loading...

Linking RHIVOS CVEs to...

Migration: Automation ...

Sync from "Extern...

XML

Word

Printable

Type: Bug
Resolution: Unresolved
Priority: Major
Fix Version/s: rhel-10.3
Affects Version/s: rhel-10.2
Component/s: 389-ds-base
Labels:
None

Regression:
None
Severity:
None
Epic Link:
IDM-1130

AssignedTeam:
rhel-idm-ds

Story Points:
None
Blocked:
False
Ready:
False
Blocked Reason:

Hide

None

Show
None
Product Documentation Required:
None
Sprint:
None

Preliminary Testing:
None
Test Coverage:
None

ProdDocsReview-CCS:
Unspecified
ProdDocsReview-Dev:
Unspecified
ProdDocsReview-QE:
Unspecified

Experience:

PX Impact Score:
SFDC Cases Counter:
SFDC Cases Open:
SFDC Cases Links:

Planning:
None

For post-quantum cryptography migration, it is expected that a deployment might be in a transitional state where some clients will understand PQC algorithms and some aren't yet. Therefore, 389-ds LDAP server needs to be able to negotiate LDAPS or LDAP+startTLS with both types of clients by providing both ML-DSA and RSA/EC certificates.

This is already possible when configured manually but dsconf tool hardcodes a certificate name (CN) to Server-Cert, making it impossible to add multiple certificates through the dsconf tool.

- - Sort By Name
  - Sort By Date
  - Ascending
  - Descending
  - Thumbnails
  - List
  - Download All

script.sh
7 kB
2026/02/04 11:21 AM

Assignee:: Unassigned

Reporter:: Alexander Bokovoy

Developer:: IdM DS Dev

QA Contact:: IdM DS QE

Doc Contact:: Evgenia Martyniuk

Votes:: 0 Vote for this issue

Watchers:: 5 Start watching this issue

Created:: 2026/02/04 8:21 AM

Updated:: 2026/02/23 4:03 PM

Stale Date:: 2027/02/03

Details

Description

Attachments

Attachments

Easy Agile Planning Poker

Activity

People

Dates