[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: OpenLDAP + TLS

Anderson Alves de Albuquerque wrote:



My server and client are in the one computer.

I put in mu config server (slapd.conf):
------------------- slapd.conf ---------------------
TLSCipherSuite HIGH:MEDIUM:+SSLv2:+SSLv3:RSA:+TLSv1
TLSCACertificateFile /usr/local/openldap-data/cacert.pem
TLSCertificateFile /usr/local/openldap-data/servercrt.pem
TLSCertificateKeyFile /usr/local/openldap-data/serverkey.pem
TLSVerifyClient demand
TLSCACertificatePath /usr/local/openldap-data/
--------------------------------------------------


In my client:
-------------- ldap.conf ----------------------------
TLS_CACERT /etc/ldap/cacert.pem
TLS_CACERTDIR /etc/ldap/
TLS_CERT /usr/local/openldap-data/servercrt.pem
TLS_KEY /usr/local/openldap-data/serverkey.pem
TLS_REQCERT demand
------------------------------------------------------





See how you go with "TLSVerifyClient try" and "TLS_REQCERT try"

Regards,


Warren Howard
www.nature-soft.com