[Date Prev][Date Next]
[Fwd: Preliminary TLS/SSL success]
Awesome work! Kudos to you and Bart!
Julio Sánchez Fernández wrote:
> Well, if you have been following the commits, you will know that I have
> been integrating Bart's work. This is to let you know that slapd now
> seems to work.
> My config file now reads like this:
> TLSCertificateFile /usr/lib/openssl/testcert.pem
> TLSCertificateKeyFile /usr/lib/openssl/testkey.pem
> TLSCACertificateFile /usr/lib/openssl/demoCA/cacert.pem
> TLSCACertificatePath /usr/lib/openssl/demoCA/certs
> But the last two lines do nothing, since I have not created client
> certificates and we are not verifying the received certificates yet.
> I am too busy to complete this work. I still will be working on the
> slapd side, since I need a functional setup where Netscape-based clients
> access the directory and authenticate using client certificates. But I
> will not do anything about TLS on SASL nor the clients. Neither will I
> do the reorganization of input/output that has been suggested for
> So if you want to contribute, there are lots of things you can do here.
> Testing is the most obvious thing, but anything that you can think of
> will be of help.
> I will start updating the manpages immediately.
> Any help is welcome.
> P.S. Kurt, if you want to make a public announcement or request for
> help on -devel, feel free to quote from this message freely.
Volunteers are encouraged to get involved!