[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
TLS options in 2.0.6 and HEAD
Folks,
As I read the slapd code, it appears that
o TLSVerifyClient is broken in 2.0.6 (at least the config file
reading for it is). This appears to be fixed in HEAD, correct?
o I am a little unclear of the use of TLSCACertificatePath
and TLSCACertificateFile. I assume that these are for
specifying a CA used to verify the slapd server's certificate
in the case where it is not self-signed. Can someone briefly
explain the difference between the Dir and Path? The
documentation on SSL_CTX_load_verify_locations() seems
to be a little sparse. Do these work in 2.0.6?
Cheers, jerry
----------------------------------------------------------------------
/\ Gerald (Jerry) Carter Professional Services
\/ http://www.valinux.com/ VA Linux Systems gcarter@valinux.com
http://www.samba.org/ SAMBA Team jerry@samba.org
http://www.plainjoe.org/ jerry@plainjoe.org
"...a hundred billion castaways looking for a home."
- Sting "Message in a Bottle" ( 1979 )