[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Certificate in openldap

man, 2003-01-20 kl. 14:12 skrev Richard Levitte - VMS Whacker:
> In message <001301c2c080$fc22a130$a503a8c0@PCGDL> on Mon, 20 Jan 2003
> 13:39:33 +0100, "De Leeuw Guy" <G.De_Leeuw@eurofer.be> said:
> G.De_Leeuw> What is the recommended format of a certificate to add
> this cert in ldap ?
> G.De_Leeuw> Pem, der, crt ???
> The attribute userCertificate;binary should take a certificate in raw
> DER.

Possibly. But that will break an awful lot of servers, such as Openldap,
and clients that can only work with .pem BER encoding. OTOH, FreeS/WAN
IPSEC insists on hashes, together with their .der cert. Not exactly easy
for the beginner.

> What, exactly, is the format "crt"?

Microsoft "embrace and extend." Only one step worse, is Lucent's Brick 5
stuff which needs 2 certs where others use one.




Tony Earnshaw

When all's said and done ...
there's nothing left to say or do.

e-post:		tonni@billy.demon.nl
www:		http://www.billy.demon.nl