[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SSL/TLS server certificate

To: Mark Toung <mark@giddieup.net>
Subject: Re: SSL/TLS server certificate
From: Tarjei Huse <tarjei@nu.no>
Date: Sat, 01 May 2004 19:04:04 +0200
Cc: Tony Earnshaw <tonye@billy.demon.nl>, Openldap list <openldap-software@OpenLDAP.org>
In-reply-to: <20040430193708.A6852@kramer.argonath.com>
References: <200404301656.i3UGu9f2032077@relay1.fe.up.pt> <1083371042.7852.330.camel@localhost> <20040430193708.A6852@kramer.argonath.com>

On Sat, 2004-05-01 at 04:37, Mark Toung wrote:
> http://www.openldap.org/pub/ksoper/OpenLDAP_TLS_howto.html#3.1

This one is also quite ok when you're getting into certs:
http://tirian.magd.ox.ac.uk/~nick/openssl-certs/others.shtml



Tarjei
> 
> heres a pretty good howto on how to setup certificates for use in ldap
> 
> On May01, 02:24, Tony Earnshaw wrote:
> > fre, 30.04.2004 kl. 18.55 skrev Jorge Ruão:
> > 
> > > Is there any tls configuration needed? What can be wrong?
> > 
> > Yes, obviously. You have to copy the server CA certificate onto the
> > client and tell the client where it is. For this you use Openldap's
> > ldap.conf (the one in /etc/openldap or /usr/local/etc/openldap, not the
> > one in /etc). 'man ldap.conf', look for TLS OPTIONS, add TLS_CACERT
> > /path/to/cert. You'll see that instead of ldap.conf you can use ldaprc
> > or .ldaprc.
> > 
> > --Tonni
> > 
> > -- 
> > 
> > We make out of the quarrel with others rhetoric
> > but out of the quarrel with ourselves, poetry.
> > 
> > mail: billy - at - billy.demon.nl
> > http://www.billy.demon.nl

References:
- RE: SSL/TLS server certificate
  - From: Tony Earnshaw <tonye@billy.demon.nl>
- Re: SSL/TLS server certificate
  - From: Mark Toung <mark@giddieup.net>

Prev by Date: Re: performance probs
Next by Date: gnomevfs-ldap
Index(es):
- Chronological
- Thread