[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: (ITS#3554) enhancement: slurpd should use slapd's TLS configuration



Kurt D. Zeilenga wrote:

>At 04:26 PM 2/18/2005, hyc@OpenLDAP.org wrote:
>  
>
>>Full_Name: Howard Chu
>>Version: 
>>OS: 
>>URL: ftp://ftp.openldap.org/incoming/
>>Submission from: (NULL) (24.126.120.178)
>>Submitted by: hyc
>>
>>
>>We got a request to add something like this. The slapd already has certificates
>>configured, etc., and they'd like slurpd to bind to the slave using
>>SASL/EXTERNAL with the existing certificates instead of needing a (redundant)
>>configuration in the slurpd user's .ldaprc file. It seems like a reasonable
>>request, given the amount of confusion that the current situation creates.
>>    
>>
>
>But what if the user wants slurpd to use distinct certificates
>from the providing slapd?
>
>Kurt 
>
>  
>

Hm, good point... It's too bad we used distinct TLS keywords for slapd.conf and ldap.conf, otherwise we could just write a single file and include it from both places. (would need to add an include directive to ldap.conf too...)

-- 
  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support