Bug 35253

Summary: TLS / SSL connection without the root certificate
Product: UCS Reporter: Stefan Gohmann <gohmann>
Component: AD ConnectorAssignee: Stefan Gohmann <gohmann>
Status: CLOSED FIXED QA Contact: Felix Botner <botner>
Severity: normal    
Priority: P5 CC: walkenhorst
Version: UCS 3.2   
Target Milestone: UCS 3.2-2-errata   
Hardware: Other   
OS: Linux   
What kind of report is it?: --- What type of bug is this?: ---
Who will be affected by this bug?: --- How will those affected feel about the bug?: ---
User Pain: Enterprise Customer affected?:
School Customer affected?: ISV affected?:
Waiting Support: Flags outvoted (downgraded) after PO Review:
Ticket number: Bug group (optional):
Max CVSS v3 score:

Description Stefan Gohmann univentionstaff 2014-07-04 06:55:29 CEST 
See Bug #35091. It would be nice if the root certificate from AD is not required for creating a TLS connection. Sure, it should be possible to upload and user the root certificate and in this case the certificate chain should be checked.
Comment 1 Stefan Gohmann univentionstaff 2014-07-07 08:53:30 CEST 
It is no possible to activate SSL even if the root certificate is not given.

Code: r51507
YAML: r51543 + r51544
Comment 2 Felix Botner univentionstaff 2014-07-07 11:57:42 CEST 
OK - ad-connectors ssl works with and without the AD root certificate
OK - YAML
Comment 3 Janek Walkenhorst univentionstaff 2014-08-07 17:44:34 CEST 
http://errata.univention.de/ucs/3.2/162.html