my ($ldap) = @_;
my $mesg = $ldap->start_tls(
verify => 'require',
- # Cannot specify the server cert, must specify the CA cert
- #cafile => '/etc/ssl/servicecerts/db.debian.org.crt'
- #cafile => '/etc/ssl/certs/UTN_USERFirst_Hardware_Root_CA.pem'
- cafile => '/usr/share/ca-certificates/mozilla/AddTrust_External_Root.crt'
+ cafile => $config{sslcafile},
);
$mesg->sync;
if ($mesg->code != LDAP_SUCCESS) {
* Add dependency on libcrypt-cbc-perl.
* Use $config{maildomain} in update.cgi instead of hardcoded db.d.o.
+ * Use $config{sslcafile} instead of hardcoding the path to the SSL CA
+ in Util.pm.
- -- Peter Palfrader <weasel@debian.org> Sat, 03 Jan 2015 13:49:22 +0100
+ -- Peter Palfrader <weasel@debian.org> Sat, 03 Jan 2015 13:56:47 +0100
userdir-ldap-cgi (0.3.39) unstable; urgency=medium