[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Netscape Certificates in OpenLDAP

To: Giuseppe Lo Biondo <Giuseppe.LoBiondo@mi.infn.it>
Subject: Re: Netscape Certificates in OpenLDAP
From: Michael Ströder <michael.stroeder@inka.de>
Date: Wed, 22 Mar 2000 11:02:51 +0100
Cc: openldap-software@OpenLDAP.org
Organization: at Home
References: <Pine.LNX.4.21.0003220938570.20266-100000@prof.mi.infn.it>

Giuseppe Lo Biondo wrote:
> 
> To store the certificate I encoded a pem file

You have to encode a DER-encoded cert file. If you're using OpenSSL
you have to convert the cert with "openssl x509 [..] -outform DER".

If the cert is stored properly it's displayed in the Netscape
Navigator when accessing the appropriate LDAP URL (e.g. by
double-clicking the address book entry).

> Now I wonder who decodes the certificate! slapd or the client?

The client.

> "userCertificate;binary"  is an attibute on his own and only the clients
> recognise it?

Yes.

> -----BEGIN CERTIFICATE-----
> MIID+DCCA2GgAwIBAgIBSzANBgkqhkiG9w0BAQQFADBGMQswCQYDVQQGEwJJVDEN
> ....
> ....
> -----END CERTIFICATE-----

Wrong.

Ciao, Michael.

Follow-Ups:
- Re: Netscape Certificates in OpenLDAP
  - From: Giuseppe Lo Biondo <Giuseppe.LoBiondo@mi.infn.it>

References:
- Re: Netscape Certificates in OpenLDAP
  - From: Giuseppe Lo Biondo <Giuseppe.LoBiondo@mi.infn.it>

Prev by Date: Re: Netscape Certificates in OpenLDAP
Next by Date: Re: Netscape Certificates in OpenLDAP
Index(es):
- Chronological
- Thread