[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Problems with openldap2.1.4 and TLS/SSL

Today at 3:26pm, Mathias Meisfjordskar wrote:

> > > openssl req -new -x509 -nodes -out server.pem -keyout server.pem
> > > -days 365
> >
> > Aha! You generated a self-signed certificate. That doesn't work with
> > OpenLDAP 2.1! You have to have a real certificate (something
> > certified by a CA).
> Uhm... No, self-signed certificates should be just fine:

The process you describe is not the same as what was done by the person
I replied to.  You have created your own CA and then used it to sign a
request.  He/She created a certificate and used it without having it
signed by a CA.  See the difference?

Frank Swasey                    | http://www.uvm.edu/~fcs
Systems Programmer              | Always remember: You are UNIQUE,
University of Vermont           |    just like everyone else.
                    === God Bless Us All ===