Hi Willam,
>>
>> Thanks, here is the github ticket:
>> https://github.com/389ds/389-ds-base/issues/4460
>>
>
> No problem. We've just merged the fix and backported it. I don't know when it
> will ship in RHEL/CentOS, but I'm sure it will be soon in an upcoming update.
Well i usually do not use rpms - we compile from git sources, i used them only to make a demo of the problem.
Thanks for the commit, i have tested the fix. It resolves a half of the problem - indeed the TLS_REQCERT is now taken into account from /etc/openldap/ldap.conf. But the certificate bundle part (TLS_CACERT parameter or system bundle in its ansence) is still not taken into account. TLS_CACERT works correctly in dsconf 1.4.2 (and ldapsearch).
Regards,
Andrey
_______________________________________________
389-users mailing list -- 389-users@lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave@lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
List Archives: https://lists.fedoraproject.org/archives/list/389-users@lists.fedoraproject.org
No comments:
Post a Comment