From: Ansgar Burchardt <ansgar@debian.org>
Date: Mon, 18 May 2015 18:12:40 +0000 (+0200)
Subject: Do not require TLS for LDAP.
X-Git-Url: https://git.decadent.org.uk/gitweb/?p=dak.git;a=commitdiff_plain;h=1b6b5cae83a56194087eff375bbe37022bd32094

Do not require TLS for LDAP.

Somehow this broke with the upgrade to Debian 8. As the information is
more or less informational (connect keys to accounts), do not require
TLS for LDAP connections for a moment.
---

diff --git a/config/debian-security/dak.conf b/config/debian-security/dak.conf
index 9eb08293..42aa1e47 100644
--- a/config/debian-security/dak.conf
+++ b/config/debian-security/dak.conf
@@ -56,7 +56,7 @@ Import-LDAP-Fingerprints
 {
   LDAPDn "ou=users,dc=debian,dc=org";
   LDAPServer "db.debian.org";
-  CACertFile "/etc/ssl/certs/db.debian.org.pem";
+  // CACertFile "/etc/ssl/certs/db.debian.org.pem";
   ExtraKeyrings
   {
     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";
diff --git a/config/debian/dak.conf b/config/debian/dak.conf
index f07a83bd..8a189373 100644
--- a/config/debian/dak.conf
+++ b/config/debian/dak.conf
@@ -99,7 +99,7 @@ Import-LDAP-Fingerprints
 {
   LDAPDn "ou=users,dc=debian,dc=org";
   LDAPServer "db.debian.org";
-  CACertFile "/etc/ssl/certs/db.debian.org.pem";
+  // CACertFile "/etc/ssl/certs/db.debian.org.pem";
   ExtraKeyrings
   {
     "/srv/keyring.debian.org/keyrings/removed-keys.pgp";