Defect #8091: LDAP Authentificaton doesn't verify certificate validity - Redmine

Actions

Copy link

Defect #8091

closed

LDAP Authentificaton doesn't verify certificate validity

Added by steven Mr over 13 years ago. Updated over 13 years ago.

Status:

Closed

Priority:

Normal

Assignee:

Category:

LDAP

Target version:

Start date:

2011-04-05

Due date:

% Done:

Estimated time:

Resolution:

Duplicate

Affected version:

1.1.2

Description

Security-Bug:
LDAP Authentificaton doesn't verify certificate validity of the LDAP-server-certificate. Connection to the LDAP-Server with LDAPS is established, even if the server name in the certifitcate doesn't match or the certificate authority is not trustful.

Solution: If something is wrong with the certificate, or the certificate authority is not trustful, the connection to the LDAP-Server should be closed and any LDAP-Login should be disabled.

Related issues

History
Notes
Property changes

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Redmine

Custom queries

Defect #8091

LDAP Authentificaton doesn't verify certificate validity

Updated by Toshi MARUYAMA over 13 years ago

Updated by Etienne Massip over 13 years ago

Updated by Tony Edmonds over 13 years ago

Updated by Etienne Massip over 13 years ago