[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: TLS questions...

To: Howard Chu <hyc@highlandsun.com>
Subject: RE: TLS questions...
From: Tony Earnshaw <tonni@billy.demon.nl>
Date: 07 Dec 2002 20:37:44 +0100
Cc: plaven@bigpond.net.au, "'openLDAP'" <openldap-software@OpenLDAP.org>
In-reply-to: <002701c29de9$a3d23b80$0e01a8c0@CELLO>
Organization:
References: <002701c29de9$a3d23b80$0e01a8c0@CELLO>

lør, 2002-12-07 kl. 13:09 skrev Howard Chu:

> Yes, this has been done to death.
> You need to tell the SSL client what CA certificates it should trust.

:-)

In as much as he doesn't understand it, in /etc/ldap.conf (man
ldap.conf, look for TLS_CACERTDIR).Make sure the *entire path* is
readable by the client.

Best,

Tony

-- 

Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl

Follow-Ups:
- RE:ldap_sasl_interactive_bind_s: Can't contact LDAP server (81)
  - From: "Dan Rossi" <daniel@electroteque.org>

References:
- RE: TLS questions...
  - From: "Howard Chu" <hyc@highlandsun.com>

Prev by Date: Re: Matching Rules and Search Filter Difficulty
Next by Date: RE:ldap_sasl_interactive_bind_s: Can't contact LDAP server (81)
Index(es):
- Chronological
- Thread