[Date Prev][Date Next]
Re: Storing certs for remote servers ref'd by back-ldap
Tony et al,
ok i have the certs now working when I use the ldapsearch utility, with the
TLS_CACERT configuration option in ldap.conf. However, when I try to use
back-ldap in slapd to query the same server, I need to be able to tell slapd
where the certificate is -- and it does not seem to (i) read ldap.conf, or
(ii) accept the same configuration option in slapd.conf.
What have I missed?
Thanks for your reply Tony,
On Thursday 07 November 2002 09:16, you wrote:
> ons, 2002-11-06 kl. 15:35 skrev Stephen Brandon:
> > I have just tried to point the back-ldap backend at a ldaps:// source,
> > and it's complaining about the certificate being self-signed. I have a
> > copy of the certificate in question, in DER format.
> > - in which config file do I put a reference to the certificate? It's not
> > one of the TLS config options, since they are for running slapd on a
> > secure port.
> > - what format should the cert be in? Do I need to use openssl to convert
> > it to some other form?
> DER encoded certs won't work, you need PEM encoded such.
> Look back in this list a couple of days and you'll see how to convert
> DER to PEM.