Do not require TLS for LDAP.

Somehow this broke with the upgrade to Debian 8. As the information is
more or less informational (connect keys to accounts), do not require
TLS for LDAP connections for a moment.

diff --git a/config/debian-security/dak.conf b/config/debian-security/dak.conf
index 9eb082937a073c54ce8898b68d5ab462cc00b283..42aa1e478d36967b0395dbdd54ae3721d8db566b 100644 (file)
--- a/config/debian-security/dak.conf
+++ b/config/debian-security/dak.conf
@@ -56,7 +56,7 @@ Import-LDAP-Fingerprints
 {
   LDAPDn "ou=users,dc=debian,dc=org";
   LDAPServer "db.debian.org";
-  CACertFile "/etc/ssl/certs/db.debian.org.pem";
+  // CACertFile "/etc/ssl/certs/db.debian.org.pem";
   ExtraKeyrings
   {
     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";

diff --git a/config/debian/dak.conf b/config/debian/dak.conf
index f07a83bd632a248f9f2752b2a79616caab6b8b61..8a189373662cc2f4271e4223be8d66ecac58b8d4 100644 (file)
--- a/config/debian/dak.conf
+++ b/config/debian/dak.conf
@@ -99,7 +99,7 @@ Import-LDAP-Fingerprints
 {
   LDAPDn "ou=users,dc=debian,dc=org";
   LDAPServer "db.debian.org";
-  CACertFile "/etc/ssl/certs/db.debian.org.pem";
+  // CACertFile "/etc/ssl/certs/db.debian.org.pem";
   ExtraKeyrings
   {
     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";