 | Start a set with this search |
 | Include this search in one of my sets |
 | Exclude this search from one of my sets |
 | Permalink to these results Paste this link in email or IM: |
 | Atom feed for tracking future search results Paste this URL into your reader: |
30 messages in org.openldap.openldap-softwareRe: failover config: servers with sam...| From | Sent On | Attachments |
|---|---|---|
| Emmanuel Dreyfus | Jul 23, 2007 6:50 am | |
| Quanah Gibson-Mount | Jul 23, 2007 11:01 am | |
| Emmanuel Dreyfus | Jul 23, 2007 1:09 pm | |
| Quanah Gibson-Mount | Jul 23, 2007 1:18 pm | |
| Russ Allbery | Jul 23, 2007 4:35 pm | |
| Christopher Cowart | Jul 23, 2007 7:40 pm | |
| Howard Chu | Jul 23, 2007 9:58 pm | |
| Emmanuel Dreyfus | Jul 24, 2007 1:02 am | |
| Howard Chu | Jul 24, 2007 1:54 am | |
| Emmanuel Dreyfus | Jul 24, 2007 12:18 pm | |
| Quanah Gibson-Mount | Jul 25, 2007 8:52 am | |
| Emmanuel Dreyfus | Jul 25, 2007 9:06 am | |
| Quanah Gibson-Mount | Jul 25, 2007 9:47 am | |
| Michael Ströder | Jul 25, 2007 9:53 am | |
| Emmanuel Dreyfus | Jul 25, 2007 10:36 am | |
| Quanah Gibson-Mount | Jul 25, 2007 10:46 am | |
| Howard Chu | Jul 25, 2007 2:31 pm | |
| Michael Ströder | Jul 25, 2007 2:38 pm | |
| Howard Chu | Jul 25, 2007 2:44 pm | |
| Russ Allbery | Jul 25, 2007 2:45 pm | |
| Norman Gaywood | Jul 25, 2007 3:04 pm | |
| Emmanuel Dreyfus | Jul 25, 2007 8:30 pm | |
| Emmanuel Dreyfus | Jul 25, 2007 8:31 pm | |
| Howard Chu | Jul 25, 2007 11:17 pm | |
| Ralf Haferkamp | Jul 26, 2007 1:27 am | |
| Emmanuel Dreyfus | Jul 26, 2007 4:04 am | |
| Emmanuel Dreyfus | Jul 26, 2007 4:04 am | |
| Donn Cave | Jul 26, 2007 9:38 am | |
| Ralf Haferkamp | Jul 26, 2007 11:46 am | |
| Howard Chu | Jul 27, 2007 2:13 am |
| Permalink for this message Paste this link in email or IM: |
| Permalink for this thread Paste this link in email or IM: |
| Atom feed for this thread Paste this URL into your reader: |
| Subject: | Re: failover config: servers with same DNS address and TLS, subjectAltName extension | Actions... |
|---|---|---|
| From: | Howard Chu (hy...@symas.com) | |
| Date: | Jul 25, 2007 11:17:44 pm | |
| List: | org.openldap.openldap-software | |
Emmanuel Dreyfus wrote:
Howard Chu <hy...@symas.com> wrote:
Though I suspect that in the 7 or so years that OpenLDAP has supported OpenSSL, many people have been confronted with this problem, read the docs, and implemented the solution and moved on to the next thing, without any fuss.
I am not sure I'm the only one that have the feeling he has lost too many time to bring the parts together for a recurrent usage that could have been better documented. Feedback from other users would be interesting.
It may just mean there is a language barrier, something that would better be served by a translation of OpenSSL docs into French.
So in your opinion, I'm basically compaining because I can't read english? This is getting rude. :-/
It seems to me that you cannot read what is plainly in front of your face, for whatever reason. The fact that you can use environment variables to augment the OpenSSL configuration file is clearly documented at the top of the OpenSSL config(5) manual page. The use of "subjectAltName" has multiple examples in the default openssl.cnf file that is bundled with every OpenSSL release. The meaning of the word "alternative" in subjectAlternativeName is plain English, and again even the OpenLDAP Admin Guide says "Additional alias names and wildcards may be present in the subjectAltName certificate extension." The FAQ-o-Matic is pretty explicit too.
http://www.openldap.org/doc/admin23/tls.html#TLS%20Certificates http://www.openldap.org/faq/index.cgi?file=185
Yet despite all the work you've put into this you've missed all of these very obvious things.
Your initial assertion that the documentation for this topic is hidden or unavailable is clearly wrong. You assertion that it is in general difficult to understand doesn't seem well supported either; googling for "subjectaltname openldap" returns hundreds of hits. So it falls to just the fact that you had a hard time understanding it.
-- -- Howard Chu Chief Architect, Symas Corp. http://www.symas.com Director, Highland Sun http://highlandsun.com/hyc/ Chief Architect, OpenLDAP http://www.openldap.org/project/