[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: tsl troubles





--On Saturday, September 04, 2004 1:06 PM -0700 "Kurt D. Zeilenga" <Kurt@OpenLDAP.org> wrote:

At 12:40 PM 9/4/2004, SUBREDU Manuel wrote:
Kurt D. Zeilenga wrote:
At 11:45 AM 9/4/2004, SUBREDU Manuel wrote:
This doesn't require client certificates, just an server certificate.
A client certificate would only be needed if the LDAP client desired
to use TLS-based client authentication.

Hmmm .. you are saying that the client can connect to the server using _just_ the server certificate ?

Much like when you use a web browser to visit a web site. Your web browser doesn't need to present a client certificate to create an encrypted session. Just the web server needs to have a server certificate. The web browser just needs to have the CA's available to validate the server's cert.


--Quanah


-- Quanah Gibson-Mount Principal Software Developer ITSS/Shared Services Stanford University GnuPG Public Key: http://www.stanford.edu/~quanah/pgp.html