[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: ITS#8286 round 2
Howard Chu wrote:
> Quanah Gibson-Mount wrote:
>> --On Tuesday, December 18, 2018 5:53 PM +0000 Howard Chu <hyc@symas.com> wrote:
>>
>>>>
>>>> ---------------- servers/slapd/bconfig.c -----------------------
>>>
>>>> olcTLSCertificateKey -- ??? (Private SYNTAX OID) Shouldn't the SYNTAX
>>>> be 1.3.6.1.4.1.1466.115.121.1.8? And use certificateExactMatch?
>>>
>>> No, a key is not a certificate. Keys are stored in PKCS#8 encoding.
>>
>> So what's the matching rule for it? ;)
>
> I suppose it'll have to be octetStringMatch.
The syntax needs to be changed, it should be 1.2.840.113549.1.8. I don't see
any benefit to using anything other than octetStringMatch though.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/