Re: Problem when add more value to userCertificate attribute...

["Gayathri.A" <gayathri@odysseytec.com>]

hi,

    I'm also standing at the same point as Siok Peng for adding
certificates. When i need to add more than one CA certificate, i'm stuck. Is
certifcate matching allowed in openldap?
If not, how do i create the matching rule? I'm not provided with any
choices. So I have to create. Please suggest.....

Thank You.

A. Gayathri

----- Original Message -----
From: Siok Peng <siokpeng@transparity.com>
To: <michael@stroeder.com>; <openldap-software@OpenLDAP.org>
Sent: Friday, September 14, 2001 9:24 AM
Subject: Re: Problem when add more value to userCertificate attribute...


> When I try to add the matching rule "certificateExactMatch" to standard
> schema, an error occur :
>      ... MatchingRule not found ....
>
> I don't know what happen to Openldap v2. Why it didn't support some
important
> matching rules (for me). I really need it to add and delete certificates
to
> my ldap server. Can anyone tell me what can i do now ?
>
> Regards,
> Siok Peng
>
> Siok Peng wrote:
>
> > If I use replace instead of add, the old certificate will replace by the
> > new one. That's what I don't want it to be happen. I need to keep the
old
> > certificate also. Can I add the 'Matching Rule' to certificate schema ?
> >
> > Regards,
> > Siok Peng
> >
> > Michael Ströder wrote:
> >
> > > Siok Peng wrote:
> > > >
> > > > Geert Van Muylem wrote:
> > > >
> > > > > When you "add" the 2nd certificate, the server tries the compare
> > > > > the cert to check whether or not it already exist BUT
> > > > > the OpenLDAP server does not support certificate matching!
> > > > > Use a replace with the old and the new certificate instead.
> > > >
> > > > That's mean i cannot have more than one certificate for one entry ?
> > >
> > > No. Read Geert's hint more carefully. Use replace instead of add.
> > >
> > > Ciao, Michael.
>