shibboleth-dev - RE: AA encountering old cert......
Subject: Shibboleth Developers
List archive
- From: Scott Cantor <>
- To: ,
- Subject: RE: AA encountering old cert......
- Date: Thu, 15 Jul 2004 22:04:49 -0400
- Organization: The Ohio State University
> I would have assumed, tho, that the ldap server returned this
> cert.... I wouldn't have expected the java libraries to be presenting
> a client cert.....
That would be accurate. sclient would probably show you something. I usually
just use IE, which is a good dialog box to show you certs when you connect:
https://directory.cis-qas.brown.edu:636
The nice thing about SSL is you can pretend it's a web server until after
the handshake. ;-)
> /usr/local/bin/ldapsearch -H ldaps://directory.cis-qas.brown.edu/ -b
> "dc=brown,dc=edu" -D "cn=stc_query,ou=special users,dc=brown,dc=edu"
> -w PASS brownnetid=steven_carmody
>
> does work....altho the ldapsearch doc makes no mention of ssl
> support....
Good thing, since they screwed it up. ;-) It's letting you connect to an
expired cert with no warning...
-- Scott
- AA encountering old cert......, Steven_Carmody, 07/15/2004
- RE: AA encountering old cert......, Scott Cantor, 07/15/2004
- Re: AA encountering old cert......, Walter Hoehn, 07/15/2004
Archive powered by MHonArc 2.6.16.