Re: LDAP and SSL

[Chasecreek Systemhouse <chasecreek.systemhouse@gmail.com>]

On Mon, 29 Nov 2004 12:52:19 -0500, jmorin@dominiondiagnostics.com
<jmorin@dominiondiagnostics.com> wrote:
> I had this same problem a few weeks ago.  Check out my prior post, I
> outlined what worked for me.
> If you have any specific questions, feel free to ask.

Yes, I had previously read the replication thread and I do believe I
have my Cert, Req, and Key installed correctly.

I'm not to the point of even doing replication -- I would be happy to
just converse with LDAP via SSL  =)

I feel the documentaion on this subject is good (I have been building
Apache SSL servers for some years now and have even programmed Perl
and SSL, communicating with an NT IIS server.)   However, either I am
missing something basic or I have failed to understand a key aspect of
LDAP via SSL.

How do I *prove* my DN matches my *CN* ???  Is this openssl.cnf entry
even valid for OpenLDAP 2.1.3?

subjectAltName=IP:192.168.2.2,DNS:debian.insecurity.org,DNS:*.insecurity.org,DNS:localhost.localdomain


I apologize for being so dense on this matter.

-- 
WC -Sx- Jones
http://insecurity.org/