[Date Prev][Date Next] [Chronological] [Thread] [Top]

[Fwd: Preliminary TLS/SSL success]

Awesome work!  Kudos to you and Bart!

Julio Sánchez Fernández wrote:
> Hi,
> Well, if you have been following the commits, you will know that I have
> been integrating Bart's work.  This is to let you know that slapd now
> seems to work.
> My config file now reads like this:
> TLSCertificateFile      /usr/lib/openssl/testcert.pem
> TLSCertificateKeyFile   /usr/lib/openssl/testkey.pem
> TLSCACertificateFile    /usr/lib/openssl/demoCA/cacert.pem
> TLSCACertificatePath    /usr/lib/openssl/demoCA/certs
> But the last two lines do nothing, since I have not created client
> certificates and we are not verifying the received certificates yet.
> I am too busy to complete this work.  I still will be working on the
> slapd side, since I need a functional setup where Netscape-based clients
> access the directory and authenticate using client certificates.  But I
> will not do anything about TLS on SASL nor the clients.  Neither will I
> do the reorganization of input/output that has been suggested for
> liblber.
> So if you want to contribute, there are lots of things you can do here.
> Testing is the most obvious thing, but anything that you can think of
> will be of help.
> I will start updating the manpages immediately.
> Any help is welcome.
> Julio
> P.S.  Kurt, if you want to make a public announcement or request for
> help on -devel, feel free to quote from this message freely.

Volunteers are encouraged to get involved!