directory-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Zicklag (Jira)" <j...@apache.org>
Subject [jira] [Created] (DIRSTUDIO-1255) ApacheDS Does Not Send TLS HostSNI Extension Information in Requests
Date Thu, 10 Sep 2020 01:19:00 GMT
Zicklag created DIRSTUDIO-1255:
----------------------------------

             Summary: ApacheDS Does Not Send TLS HostSNI Extension Information in Requests
                 Key: DIRSTUDIO-1255
                 URL: https://issues.apache.org/jira/browse/DIRSTUDIO-1255
             Project: Directory Studio
          Issue Type: Bug
          Components: studio-ldapservers
    Affects Versions: 2.0.0-M15
         Environment: Pop!_OS ( Ubuntu ) 20.04
            Reporter: Zicklag


I have an LDAP server that is hosted behind a Traefik reverse proxy that is used to generate
trusted TLS certificates that are terminated before hitting the LDAP server. The Traefik proxy
uses the Host SNI TLS extension in order to determine whether or not to route the request
to the LDAP server or something else, but ApacheDS Studio does not send the Host SNI data
in its request which means that Traefik cannot determine that the request is supposed to be
routed to the LDAP server.

 

Connecting to the LDAP server works fine using curl because curl sends the server name data
in its request. I used Wireshark to double-check the request coming from ApacheDS Studio and
verified that the server name extension was not present on the TLS request.



--
This message was sent by Atlassian Jira
(v8.3.4#803005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@directory.apache.org
For additional commands, e-mail: dev-help@directory.apache.org


Mime
View raw message