Bug 48860 – Proper TLS certificates (backed by public CA) on all LDAP end points.

Bug 48860 - Proper TLS certificates (backed by public CA) on all LDAP end points.


Summary:	Proper TLS certificates (backed by public CA) on all LDAP end points.

Status:	RESOLVED WONTFIX

Product:	UCS manual
Classification:	Unclassified
Component:	Domain services / LDAP
Version:	unspecified
Hardware:	Other Linux

Importance:	P5 normal (vote)
Target Milestone:	---
Assigned To:	Docu maintainers
QA Contact:

URL:	https://help.univention.com/t/ucsca-a...
Keywords:

Depends on:
Blocks:
	Show dependency tree / graph

Reported:	2019-03-05 14:51 CET by Christina Scheinig
Modified:	2024-04-17 13:19 CEST (History)
CC List:	2 users (show)

See Also:	35956
What kind of report is it?:	Bug Report
What type of bug is this?:	5: Major Usability: Impairs usability in key scenarios
Who will be affected by this bug?:	2: Will only affect a few installed domains
How will those affected feel about the bug?:	2: A Pain – users won’t like this once they notice it
User Pain:	0.114
Enterprise Customer affected?:	Yes
School Customer affected?:
ISV affected?:
Waiting Support:
Flags outvoted (downgraded) after PO Review:
Ticket number:	2019022721001201
Bug group (optional):	Security
Max CVSS v3 score:

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Christina Scheinig

2019-03-05 14:51:41 CET

This is the request of a customer:

We require the ability to properly verify TLS certificates to prevent MiTM attacks.
This is not possible with self signed certificates and breaks our tooling complying with modern standards.

Comment 1 Nico Gulden

2024-04-17 13:19:04 CEST

This bug hasn't seen any update for several years. I close it.

If you still see a need for it, you can reopen the bug. Please add an argumentation about why it's important to take care of it.