atom feed30 messages in org.openldap.openldap-softwareRe: failover config: servers with sam...
FromSent OnAttachments
Emmanuel DreyfusJul 23, 2007 6:51 am 
Quanah Gibson-MountJul 23, 2007 11:01 am 
Emmanuel DreyfusJul 23, 2007 1:09 pm 
Quanah Gibson-MountJul 23, 2007 1:18 pm 
Russ AllberyJul 23, 2007 4:35 pm 
Christopher CowartJul 23, 2007 7:40 pm 
Howard ChuJul 23, 2007 9:58 pm 
Emmanuel DreyfusJul 24, 2007 1:02 am 
Howard ChuJul 24, 2007 1:54 am 
Emmanuel DreyfusJul 24, 2007 12:18 pm 
Quanah Gibson-MountJul 25, 2007 8:53 am 
Emmanuel DreyfusJul 25, 2007 9:07 am 
Quanah Gibson-MountJul 25, 2007 9:48 am 
Michael StröderJul 25, 2007 9:53 am 
Emmanuel DreyfusJul 25, 2007 10:36 am 
Quanah Gibson-MountJul 25, 2007 10:47 am 
Howard ChuJul 25, 2007 2:31 pm 
Michael StröderJul 25, 2007 2:39 pm 
Howard ChuJul 25, 2007 2:45 pm 
Russ AllberyJul 25, 2007 2:46 pm 
Norman GaywoodJul 25, 2007 3:04 pm 
Emmanuel DreyfusJul 25, 2007 8:31 pm 
Emmanuel DreyfusJul 25, 2007 8:31 pm 
Howard ChuJul 25, 2007 11:18 pm 
Ralf HaferkampJul 26, 2007 1:28 am 
Emmanuel DreyfusJul 26, 2007 4:04 am 
Emmanuel DreyfusJul 26, 2007 4:04 am 
Donn CaveJul 26, 2007 9:39 am 
Ralf HaferkampJul 26, 2007 11:47 am 
Howard ChuJul 27, 2007 2:14 am 
Subject:Re: failover config: servers with same DNS address and TLS, subjectAltName extension
From:Howard Chu (
Date:Jul 25, 2007 2:45:13 pm

Emmanuel Dreyfus wrote:

Quanah Gibson-Mount <> wrote:

As pointed out by Howard multiple times, nearly everything you "couldn't find" was actually available online, in the form of published documentation, by the folks who provided the software.

If you speak about the subjectAltName stuff, there is IMO a huge gap getween OpenSSL reference documentation and how to actually do it. The information is there, but there is a lot of required reading if you want to do something. And there are a lot of mistake to do before getting it done (cf my first attempt with subjectAltName outside the extension section)

Since it is an OpenSSL topic, it would make the most sense for you to submit some suggested doc changes to the OpenSSL team. Though I suspect that in the 7 or so years that OpenLDAP has supported OpenSSL, many people have been confronted with this problem, read the docs, and implemented the solution and moved on to the next thing, without any fuss. As such, the relative ease with which the problem is typically solved doesn't merit a writeup for Google to

It may just mean there is a language barrier, something that would better be served by a translation of OpenSSL docs into French.

The fact that you went to Google *before* going to the sites that actually distribute the software and reading their documentation is unfortunately the same thing many other people do to. And then they tend to complain about the lack of documentation.

Okay, so that could surprise you, but I actually started by searching the OpenLDAP doc and FAQ. Then the OpenSSL web site, then Google...

That item is worth an OpenLDAP FAQ entry IMO, even if it's not really an OpenLDAP problem. How one contribute FAQ entries, BTW? I just add it to Faq-O-Matic?

Yes, anybody can add entries to the FAQ (hasn't that been said enough times already?), and you're welcome to add your corrected writeup there.