[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS certs needed for Provider and consumer



Am Tue, 1 Jun 2010 14:33:28 -0400
schrieb "Sotomayor, Vicente (ITD)" <Vicente.Sotomayor@state.ma.us>:

> Hello Everyone:
> 
> Does anyone a have a link the shows what steps are needed to for
> creating certs for a Provider and Consumer? I've been able to do it
> for Provider, but I'm stuck on what to do for the consumer.

What do you want to achieve? Is it just a TLS session or in addition a
SASL EXTERNAL authentication?
A startTLS session requires olcSyncrepl: starttls=yes
tls_cacert=/path/to/CA, you may add tls_reqcert=demand.
A SASL EXTERNAL authentication in addition requires a user certificate
and a certificate key.

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6