[Date Prev][Date Next]
Re: Problems using OpenLDAP 2.1 client libraries to connect to OpenLDAP 2.0 server
* email@example.com <firstname.lastname@example.org> [23-03-03 20:31]:
> >See http://www.openldap.org/faq/data/cache/185.html for the requirements
> >of using TLS/SSL in the 2.1 version, as you have noticed the behaviour
> >of the library has slightly changed in this regard.
> Many thanks, that was exactly my problem and I could solve it reading this
> FAQ, I didn't know OpenLDAP 2.1.x requires the CA certificate.
> Now another question I generated a new certitificate using the FAQ but
> unfortunately it only does a 365 days cert, I would be interested in
> genrating a 3650 (10 years) cert, so I added -days 3650 to the openssl
> command but then when I run "CA.sh -sign" it only sees 1 year. Am I missing
> something ?
See the openssl.cnf file that is used by the CA.sh script,
look for "default_days" and try to change it. But this is more
a Openssl question.