
RE: openldap-2.0/TLS certificate error




I'm a bit shaky on the client side, maybe someone else has a more definitive answer.


How about on the client side? That is, how does
a client present a certificate to slapd when requested?

You need to set TLS_KEY in your ldap.conf file to the path to your private key file, and TLS_CERT as well. In any case, this option is not fully implemented, since the server does not use the identity from the certificate.


And how does a client verify the server certificate
when presented?

That's not implemented yet. When it is, you'll need to have TLS_CACERT and TLS_CERT entries in ldap.conf.


Mark.