[Bug 778865] New: openldap client is missing enable/disable tls/ssl option
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865 https://bugzilla.novell.com/show_bug.cgi?id=778865#c0 Summary: openldap client is missing enable/disable tls/ssl option Classification: openSUSE Product: openSUSE 12.2 Version: Final Platform: x86-64 OS/Version: openSUSE 12.2 Status: NEW Severity: Critical Priority: P5 - None Component: YaST2 AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: voyager_sat@hotmail.com QAContact: jsrain@suse.com Found By: --- Blocker: --- User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0 missing ssl/tls enable/disable option Reproducible: Always Steps to Reproduce: 1.setup an ldap without TLS 2.go to the ldap client and try to setup the client 3.the error about the enabled TLS is occuring EVERY time Actual Results: the error occured each time and the ldap client is not working making also other application to affected by that (samba,dns,etc) -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865
https://bugzilla.novell.com/show_bug.cgi?id=778865#c
dimitrios voyiatzis
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865
https://bugzilla.novell.com/show_bug.cgi?id=778865#c1
Marcus Meissner
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865
https://bugzilla.novell.com/show_bug.cgi?id=778865#c2
Andreas Vetter
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865
https://bugzilla.novell.com/show_bug.cgi?id=778865#c3
--- Comment #3 from Andreas Vetter
From manual page of ldap.conf:
TLS_REQCERT <level> Specifies what checks to perform on server certificates in a TLS session, if any. The <level> can be specified as one of the following keywords: never The client will not request or check any server certificate. allow The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad cer- tificate is provided, it will be ignored and the session proceeds normally. try The server certificate is requested. If no certificate is provided, the session proceeds normally. If a bad cer- tificate is provided, the session is immediately terminated. demand | hard These keywords are equivalent. The server certificate is requested. If no certificate is provided, or a bad cer- tificate is provided, the session is immediately terminated. This is the default setting. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
![](https://seccdn.libravatar.org/avatar/3035b38ff33cf86f480bb169b8500b80.jpg?s=120&d=mm&r=g)
https://bugzilla.novell.com/show_bug.cgi?id=778865
https://bugzilla.novell.com/show_bug.cgi?id=778865#c4
Ralf Haferkamp
participants (1)
-
bugzilla_noreply@novell.com