
How to ignore TLS : hostname does not match CN in peer certificate

We have been getting this error and it needs to be fixed.

We use Python code to connect to LDAP and this is throwing the following:

ldap.SERVER_DOWN: {'info': 'TLS: hostname does not match CN in peer certificate', 'desc': "Can't contact LDAP server"}

Is there a way to ignore this name mismatch?

The same thing is working in Java to LDAP, but in Python it's failing.

kuchi

Configuring in OpenLDAP 2.1 and later - Since 2.1, the client libraries will verify server certificates. This change requires clients to add the TLS_CACERT (or, alternately, the TLS_CACERTDIR) option to their system-wide ldap.conf(5) file. Without this setting, the LDAP clients will fail to make any TLS/SSL connections to any servers.

See the Using TLS chapter of the OpenLDAP Software Admin Guide for more information.

http://www.openldap.org/faq/index.cgi?_highlightWords=ssl&file=185

pyTony
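The error in the question means the host name in the LDAP URI is not one of the names in the server certificate. The following is an added example, not code from either poster: a standard-library Python check that lists the names a certificate covers and tests an LDAP URI against them. The certificate dict and host names are constructed sample values, and the matching is a simplified form of what TLS libraries do.

```python
from urllib.parse import urlparse

# Constructed sample, in the dict format returned by ssl.SSLSocket.getpeercert().
SAMPLE_CERT = {
    "subject": ((("commonName", "ldap01.corp.example"),),),
    "subjectAltName": (("DNS", "ldap01.corp.example"),
                       ("DNS", "*.dir.corp.example")),
}


def cert_names(cert):
    """Return the DNS names a certificate covers: SAN entries, else the subject CN."""
    sans = [v.lower() for k, v in cert.get("subjectAltName", ()) if k == "DNS"]
    if sans:
        return sans
    return [v.lower() for rdn in cert.get("subject", ())
            for k, v in rdn if k == "commonName"]


def name_matches(pattern, host):
    """Exact match, or one leftmost-label wildcard such as *.example.com."""
    pattern, host = pattern.lower(), host.lower().rstrip(".")
    if pattern.startswith("*."):
        # A wildcard stands for exactly one label, never several.
        first, _, rest = host.partition(".")
        return bool(first) and rest == pattern[2:]
    return pattern == host


def check_ldap_uri(uri, cert):
    """Return (ok, host, names) for the host part of an ldap:// or ldaps:// URI."""
    host = urlparse(uri).hostname or ""
    names = cert_names(cert)
    return any(name_matches(n, host) for n in names), host, names


if __name__ == "__main__":
    # Constructed URIs: full name, IP address, short name, wildcard-covered name.
    for uri in ("ldaps://ldap01.corp.example:636", "ldaps://10.0.0.5:636",
                "ldap://ldap01", "ldap://a.dir.corp.example"):
        ok, host, names = check_ldap_uri(uri, SAMPLE_CERT)
        print(f"{host:25} {'match' if ok else 'MISMATCH'}  (cert names: {names})")
```

If the check reports a mismatch, connect with one of the listed names, or have the certificate reissued to include the name in use, and keep TLS_CACERT pointing at the issuing CA.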
