Cisco Bug: CSCvs37524 - ESA not using the configured certificate for LDAP over SSL
Jan 23, 2020
- Cisco Email Security Appliance
Known Affected Releases
Symptom: ESAs on 12.5.1-031 where LDAP is configured to use SSL will not use the LDAP certificate configured and default to the Default System Certificate. When this occurs, any SSL handshake connection where certificate validation is done by the LDAP server will result in a FATAL alert with Unknown CA (seen within a packet capture) as the default system certificate is self signed. Conditions: ESA on 12.5.1-031 build. ESA has configured LDAP functionality. ESA has configured a custom signed certificate for usage. LDAP server is configured to validate certificates.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases