[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: help!Hi,

1. modify slapd.conf and include cosine and inetorgperson
2. build up the tree to your ca-entry
3. add/modify the ca-entry

e.g.

build tree:
--------------
ldapadd -D "..." -w ... -h ...
dn: c=de
objectclass: country
c: de

dn: o=my org,c=de
objectlcass: organization
o: my org

insert ca+crls
----------------------
ldapadd -D "..." -w... -h ...
dn: cn=my ca,o=my org,c=de
objectclass: certificationauthority
cacertificate;binary:<file:///fullpathtoDERcodedcacert1
cacertificate;binary:<file://fullpathtoDERcodedcacert2   # if you have 
more than one ca-certificate (e.g. split key for crl-sign and certsign)
certificaterevocationlist;binary:<file:///fullpathtoDERcodedCRL
authorityrevocationlist;binary:<file:///fullpathtoDERcodedARL
cn: my ca


This is only an example.

Kind regards,

Chris

-- 
Christian Pohl
Secaron AG

"ganling" <carlingling@163.com>
Sent by: owner-openldap-software@OpenLDAP.org
03.12.2002 09:35

 
    To:   openldap-software@OpenLDAP.org
    cc: 
    Subject:    help!


 I want use openldap to publish my CA's certificats list and CRL.but i 
have no 
idea.I dont's know how to write the entry.
 please help me! thanks.
=============================================================
Ïã¸Û˧¸ç±¾µØÃÀüÓëÄã½»ÓÑÔ¼»á-ËÙÅäÁªÒê Ê¡¸ÛÄÐŮʥµ®ÇãÇéÒ¹ http://dating.163.com/
ÍøÒ×ÅÄÂôվʱÉÐרÇø£¬¸ÐÊܶ¼ÊеÄ÷ÈÁ¦£¡           http://auctions.163.com/zhuanqu/fashion/
Ãâ·ÑÓÊÏ佡¿µÉ±¶¾´óÐж¯£¡                 http://popme.163.com/freemail/index.html