[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Netscape Certificates in OpenLDAP
Giuseppe Lo Biondo wrote:
>
> To store the certificate I encoded a pem file
You have to encode a DER-encoded cert file. If you're using OpenSSL
you have to convert the cert with "openssl x509 [..] -outform DER".
If the cert is stored properly it's displayed in the Netscape
Navigator when accessing the appropriate LDAP URL (e.g. by
double-clicking the address book entry).
> Now I wonder who decodes the certificate! slapd or the client?
The client.
> "userCertificate;binary" is an attibute on his own and only the clients
> recognise it?
Yes.
> -----BEGIN CERTIFICATE-----
> MIID+DCCA2GgAwIBAgIBSzANBgkqhkiG9w0BAQQFADBGMQswCQYDVQQGEwJJVDEN
> ....
> ....
> -----END CERTIFICATE-----
Wrong.
Ciao, Michael.