[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Configuring TLS

To: Jay Chandler <chandler.lists@chapman.edu>, openldap-software@openldap.org
Subject: Re: Configuring TLS
From: Quanah Gibson-Mount <quanah@zimbra.com>
Date: Wed, 25 Jul 2007 12:59:48 -0700
Content-disposition: inline
In-reply-to: <46A7A124.4070109@chapman.edu>
References: <46A7A124.4070109@chapman.edu>

--On Wednesday, July 25, 2007 12:14 PM -0700 Jay Chandler <chandler.lists@chapman.edu> wrote:

Howdy.

We run an OpenLDAP environment that I'm attempting to lock down.

Right now all LDAP communication takes place in cleartext-- obviously
this isn't optimal.  I'm attempting to configure TLS, and hitting a few
snags.

On the server I've generated a PEM that includes both the key and the
certificate.  I've also broken them down into component files.  Given
that this isn't a signed certificate, what are the options I need in
slapd.conf?


<http://www.openldap.org/doc/admin23/tls.html>

In particular, note that requirement for the CA cert to be findable, even for self-signed certs.

--Quanah


--
Quanah Gibson-Mount
Principal Software Engineer
Zimbra, Inc
--------------------
Zimbra ::  the leader in open source messaging and collaboration

References:
- Configuring TLS
  - From: Jay Chandler <chandler.lists@chapman.edu>

Prev by Date: Configuring TLS
Next by Date: Re: Configuring TLS
Index(es):
- Chronological
- Thread