[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Netscape Certificates in OpenLDAP

On Wed, 22 Mar 2000, Michael [iso-8859-1] Ströder wrote:

> Giuseppe Lo Biondo wrote:
> > 
> > To store the certificate I encoded a pem file
> You have to encode a DER-encoded cert file. If you're using OpenSSL
> you have to convert the cert with "openssl x509 [..] -outform DER".

I've already tried (with oscar) to do so but netscape (4.72) crashes when
I try to display the entry. I'll try again using openssl.
> If the cert is stored properly it's displayed in the Netscape
> Navigator when accessing the appropriate LDAP URL (e.g. by
> double-clicking the address book entry).

Well, now I'm really confused! 

Here's what I've done:

/usr/local/sbin/ldif -b "usercertificate;binary" < certificate  > cert.ldif

where certificate is a pem file, and as you can see at the URL

ldap://bond.cnaf.infn.it/cn= Giuseppe Lo Biondo,ou=people,ou=Sezione di
Milano,o=Istituto Nazionale di Fisica Nucleare,c=it

The certificate is properly displayed (actually I don't know if it is
the right way but it looks like netscape is happy about the certificate).

> > ....
> > ....
> > -----END CERTIFICATE-----
> Wrong.

but it works! Doing so I can still import certificates automatically by
the WEB. Can you tell me what I miss?

Many thanks for your suggestions.