[Date Prev][Date Next]
Re: OpenSSL usage?
I have created a demoCA and a test server certificate and privatekey using
openssl to create DSA rather then RSA, is that correct.
I saw somewhere that the private key must not be password protected, how is
----- Original Message -----
From: "Howard Chu" <firstname.lastname@example.org>
To: "Jim Hud" <email@example.com>; <openldap-software@OpenLDAP.org>
Sent: Wednesday, October 11, 2000 11:57 AM
Subject: RE: OpenSSL usage?
> If you intend to use OpenSSL to establish your own Certificate Authority,
> you should start
> by looking at the documentation on www.openssl.org. There are mailing
> for help using the OpenSSL tools referenced on that site.
> You will need the certificate from your Certificate Authority as well as
> your own server certificate.
> There are a number of relevant config options for setting up the
> certificate. You can see how they work in slapd/config.c.
> The bare minimum:
> TLSCertificateFile /path/to/server/certificate.pem
> TLSCertificateKeyFile /path/to/server/privatekey.pem
> TLSCACertificateFile /path/to/certificateAuthority/certificate.pem
> If you want to require clients to supply a client cert, you can add
> TLSVerifyClient 1
> > -----Original Message-----
> > From: owner-openldap-software@OpenLDAP.org
> > [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Jim Hud
> > Sent: Wednesday, October 11, 2000 5:35 AM
> > To: openldap-software@OpenLDAP.org
> > Subject: OpenSSL usage?
> > I am trying to setup openldap-2.0.6 and OpenSSL-0.9.6
> > Can anyone point me in the right direction, how do I create the server
> > certificate and configure slapd to use it?
> > Any other points, if/when I get it to work I will write a faq on it.