
Re: Store X.509 using OpenLDAP?

----- Original Message -----
From: "Kurt D. Zeilenga" <Kurt@OpenLDAP.org>
> At 06:00 PM 4/15/01 +0700, Monce Picard wrote:
> >What should I do when I want to store digital certificates
> >(X.509) using OpenLDAP?
> You add userCertificate attributes to your objects.
> Values of userCertificate need to be transferred
> using the ;binary (BER) encoding option.  E.g.:
>  dn: cn=foo
>  changetype: modify
>  add: userCertificate;binary
>  userCertificate;binary:: base64-BER-encoded-X509-certificate
   This is what I have tried:

   I have a file named "example.ldif":
   dn: cn=Digital Certificates, dc=example, dc=com
   changetype: modify
   add: userCertificate;binary
   ...certificates encoded...

   I use: ldapadd -x -D "cn=Digital Certificates, dc=example, dc=com" -W -f example.ldif
   which then gives this result:

   ldapadd:  unknown changetype "modify" (line 2 of entry "cn=Digital Certificates, dc=example,

   ldif_record() = 89

   and this is my "slapd.conf":

   # $OpenLDAP: pkg/ldap/servers/slapd/slapd.conf,v 2000/08/26 17:06:18 kurt Exp $
   include  /usr/local/etc/openldap/schema/core.schema
   pidfile  /usr/local/var/slapd.pid
   argsfile /usr/local/var/slapd.args
   database ldbm
   suffix  "dc=example, dc=com"
   rootdn  "cn=Digital Certificates, dc=example, dc=com"
   rootpw  secret
   directory /usr/local/var/openldap-ldbm
   index objectClass eq

   Am I missing something?  Thanks in advance.


   Permono, R.
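
The modify record described in the quoted reply, generated from a PEM certificate, as an added example that is not part of the original thread. The function names are chosen here for illustration, and the sample payload is a constructed placeholder ASN.1 SEQUENCE, not a real certificate.

```python
import base64
import re

PEM_RE = re.compile(
    r"-----BEGIN CERTIFICATE-----(.+?)-----END CERTIFICATE-----", re.S)

def pem_to_der(pem: str) -> bytes:
    """Strip the PEM armor and return the raw DER (BER) bytes."""
    m = PEM_RE.search(pem)
    if not m:
        raise ValueError("no PEM certificate block found")
    der = base64.b64decode("".join(m.group(1).split()), validate=True)
    # A certificate is an ASN.1 SEQUENCE, so the DER must start with tag 0x30.
    if not der or der[0] != 0x30:
        raise ValueError("payload is not a DER SEQUENCE")
    return der

def fold(line: str, width: int = 76) -> str:
    """Fold a long LDIF line; continuation lines begin with one space."""
    parts = [line[:width]]
    rest = line[width:]
    while rest:
        parts.append(" " + rest[:width - 1])
        rest = rest[width - 1:]
    return "\n".join(parts)

def cert_modify_ldif(dn: str, der: bytes) -> str:
    """Build a changetype: modify record adding userCertificate;binary."""
    b64 = base64.b64encode(der).decode("ascii")
    return "\n".join([
        f"dn: {dn}",
        "changetype: modify",
        "add: userCertificate;binary",
        # The double colon marks the value as base64-encoded.
        fold(f"userCertificate;binary:: {b64}"),
        "-",
        "",
    ])

# Constructed sample: a 200-byte placeholder SEQUENCE, not a real certificate.
SAMPLE_DER = bytes([0x30, 0x81, 0xC5]) + bytes(range(197))
SAMPLE_PEM = ("-----BEGIN CERTIFICATE-----\n"
              + base64.encodebytes(SAMPLE_DER).decode("ascii")
              + "-----END CERTIFICATE-----\n")

if __name__ == "__main__":
    print(cert_modify_ldif("cn=foo", pem_to_der(SAMPLE_PEM)))
```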