On 4 Feb 2021, at 19:52, ADELIN Arnaud
Thank you for your quick reply.
* You ran the wget on the CRL from on the LDAP server itself and confirmed it.
* Did you wget every CRL for the entire CA chain?
In my setup, there is only one CRL url that is set in the LDAP server certificate.
This CRL is available thanks to wget.
I think perhaps that this may end up escalating to a bug in nss then, as we need more
information from that library to proceed here. :(
For the moment, I will try to disable the CRL.
I hope this work around will be accepted by my manager.
389-users mailing list -- 389-users(a)lists.fedoraproject.org
To unsubscribe send an email to 389-users-leave(a)lists.fedoraproject.org
Fedora Code of Conduct: https://docs.fedoraproject.org/en-US/project/code-of-conduct/
List Guidelines: https://fedoraproject.org/wiki/Mailing_list_guidelines
Senior Software Engineer, 389 Directory Server
SUSE Labs, Australia