[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: solaris 9 ldap client with tls?

To: Kent Soper <dksoper@us.ibm.com>
Subject: RE: solaris 9 ldap client with tls?
From: Igor Brezac <igor@ipass.net>
Date: Fri, 27 Jun 2003 12:13:07 -0400 (EDT)
Cc: "Brian K. Jones" <jonesy@CS.Princeton.EDU>, ldap list <openldap-software@OpenLDAP.org>
In-reply-to: <OF795DE3E1.05B30A4C-ON87256D52.0054E568-86256D52.0054F69C@us.ibm.com>
References: <OF795DE3E1.05B30A4C-ON87256D52.0054E568-86256D52.0054F69C@us.ibm.com>

On Fri, 27 Jun 2003, Kent Soper wrote:

> Brian K. Jones wrote:
>
> > Who can tell me what this means?
> >
> > On Fri, 2003-06-27 at 10:50, Igor Brezac wrote:
> >
> >> You need to provide openldap with the CA of the client cert.  This is a
> >> requirement since openldap 2.1.x.
>
> Igor Brezac?
>

I meant to say the CA certificate.  So, if Verisign issued your client
cert, you need to place Verisign CA cert in the directory specified by
TLSCACertificatePath (in addition you need to link a certificate to its
subject name hash value, see openssl docs for more) or you need to point
TLSCACertificateFile to the Verisign CA cert in your slapd.conf.

-- 
Igor

References:
- RE: solaris 9 ldap client with tls?
  - From: Kent Soper <dksoper@us.ibm.com>

Prev by Date: ldapadding problem
Next by Date: RE: Openldap for HP-UX
Index(es):
- Chronological
- Thread