[Date Prev][Date Next]
At 08:40 AM 2002-05-14, Jong 't, D (Dennis) wrote:
>We are running an openLDAP implementation to store user certificates. The
>new version of our CA has a problem in publishing Certificates to openldap
>because it tries to write the userCertificate attribute, without the ;binary
Is this an LDAPv2 or LDAPv3 CA? If its LDAPv3, it should be using
binary transfer [RFC 2251] per RFC 2252 and RFC 2256.
>Does openLdap support writing of certificates without the ;binary suffix ?
OpenLDAP 2.0 is an LDAPv3 implementation and hence requires use of
;binary. OpenLDAP 2.0 doesn't support the LDAPv2 userCertificate
>If so, what needs to be changed in the configuration ?
>Do the LDAP/PKIX standards define the suffix as a "MUST" ?
See RFC 2252 and RFC 2256.
- From: "Jong 't, D (Dennis)" <D.Jong@rf.rabobank.nl>