[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: TLS client certificate pb

> -----Original Message-----
> From: owner-openldap-software@OpenLDAP.org
> [mailto:owner-openldap-software@OpenLDAP.org]On Behalf Of Francois Beretti

> I still haven't found how to have tls working with client certificate
> verification...
> Is it required for this to use SASL EXTERNAL ?

Yes, you must have a client certificate to use SASL EXTERNAL with SSL/TLS.

> I want to try SASL EXTERNAL, but I need some clarification...
> How does the server map the client certificate with the dn used to
> authenticate ? Where do the certificates have to be stored ? (and do
> they have to be stored ? )

Read the F'ine manual already. http://www.openldap.org/doc/admin21/

Amazing, people complain that there's no documentation, and then when we take
the time to write the docs nobody reads them. It all seems like wasted

  -- Howard Chu
  Chief Architect, Symas Corp.       Director, Highland Sun
  http://www.symas.com               http://highlandsun.com/hyc
  Symas: Premier OpenSource Development and Support