#6, 25-Jun-2009, 04:40 PM
gavo (Junior Member, Join Date: Mar 2008, Posts: 13)
Re: LUM - alternative LDAP server certificates

Originally Posted by Marcel_Cox:
It seems that Novell now has a fix for the issue. If you have an SR open on the issue, you should receive the fix. It should also be published on the patch channel relatively soon.
Yes, got a fix to test yesterday but unfortunately it didn't resolve my issue (although the behavior has changed slightly).

As a side note, having investigated this a little further I see that the certificate downloaded is actually the trusted root certificate of the tree's CA - this being the case, the same cert can be used to connect to any of the servers in my nam.conf (as they are all in the same tree and were all issued certs from the same CA). The implication of this is that I don't really see why if I have 3 servers defined (one preferred and two alternates) I should have to download this cert 3 times - the same cert can be used for all three. In fact, a workaround that I have just put in place is to simply copy the cert downloaded for my preferred server (myserver.der if preferred-server=myserver) to a new file named by whatever my alternate servers are called - i.e. if alternative-ldap-server-list=mybackupserver then I copy .myserver.der to .mybackupserver.der. This seems to work fine with LUM able to connect over LDAPS to mybackupserver if myserver becomes unavailable.

Cheers,
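
The copy step described in the post above, as an added example that is not part of the original post and not Novell's own tooling. It assumes nam.conf holds key=value lines, that alternative-ldap-server-list is comma-separated, and that the cert files are named .<server>.der in a single directory passed as an argument; the function names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example: seed each alternate server's cert file from the preferred
# server's copy of the tree CA root certificate.
# Assumptions: key=value nam.conf, comma-separated alternate list,
# cert files named .<server>.der in one directory.

# Print the value of a nam.conf key (first match), with whitespace removed.
nam_value() {  # usage: nam_value <nam.conf> <key>
    sed -n "s/^[[:space:]]*$2[[:space:]]*=[[:space:]]*//p" "$1" |
        head -n 1 | tr -d '[:space:]'
}

# Copy .<preferred>.der to .<alternate>.der for every alternate server.
# An existing file that differs is never overwritten: a different cert for a
# server means the "one CA for the whole tree" assumption does not hold there
# and should be looked at by hand.
# The body runs in a subshell, so variables and IFS stay local and "exit"
# only ends the function. Status 0: all alternates hold an identical cert.
sync_lum_certs() (  # usage: sync_lum_certs <nam.conf> <cert-dir>
    conf=$1
    dir=$2
    rc=0
    preferred=$(nam_value "$conf" preferred-server)
    alternates=$(nam_value "$conf" alternative-ldap-server-list)
    src="$dir/.$preferred.der"
    if [ -z "$preferred" ] || [ ! -s "$src" ]; then
        echo "preferred server cert not found: $src" >&2
        exit 1
    fi
    IFS=','
    for alt in $alternates; do
        [ -n "$alt" ] || continue
        dst="$dir/.$alt.der"
        if [ ! -e "$dst" ]; then
            if cp -p "$src" "$dst"; then echo "copied: $dst"; else rc=1; fi
        elif cmp -s "$src" "$dst"; then
            echo "ok: $dst"
        else
            echo "MISMATCH (left untouched): $dst" >&2
            rc=1
        fi
    done
    exit "$rc"
)
```

A non-zero status means at least one alternate already has a different certificate on disk, which is worth checking before relying on failover over LDAPS.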
© 2007 Novell, Inc. All Rights Reserved.
