Wrong documentation for TLSCipherSuite
Bug #317401 reported by
Hark
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
openldap2.3 (Ubuntu) |
Fix Released
|
Low
|
Unassigned |
Bug Description
In the manual page for slapd.conf reads
<cipher-
in the description of TLSCipherSuite. This is wrong, as openldap uses gnutls instead of openssl now. Also the given example
TLSCipherSuite HIGH:MEDIUM:+SSLv2
is wrong, this won't work for gnutls and slapd won't start with this configuration.
To post a comment you must log in.
Can anyone explain what the syntax is for using more than one cipher with gnutls TLSCipherSuite?
Using a colon separated list fails even when the individual items from the list work as single ciphers. That is to say:
TLSCipherSuite FOO
works and
TLSCipherSuite BAR
works but
TLSCipherSuite FOO:BAR
results in slapd not starting up.