[Date Prev][Date Next] [Chronological] [Thread] [Top]

RE: SSL/TLS server certificate

To: Openldap list <openldap-software@OpenLDAP.org>
Subject: RE: SSL/TLS server certificate
From: Tony Earnshaw <tonye@billy.demon.nl>
Date: Sat, 01 May 2004 02:24:08 +0200
In-reply-to: <200404301656.i3UGu9f2032077@relay1.fe.up.pt>
Organization: Billy
References: <200404301656.i3UGu9f2032077@relay1.fe.up.pt>

fre, 30.04.2004 kl. 18.55 skrev Jorge Ruão:

> Is there any tls configuration needed? What can be wrong?

Yes, obviously. You have to copy the server CA certificate onto the
client and tell the client where it is. For this you use Openldap's
ldap.conf (the one in /etc/openldap or /usr/local/etc/openldap, not the
one in /etc). 'man ldap.conf', look for TLS OPTIONS, add TLS_CACERT
/path/to/cert. You'll see that instead of ldap.conf you can use ldaprc
or .ldaprc.

--Tonni

-- 

We make out of the quarrel with others rhetoric
but out of the quarrel with ourselves, poetry.

mail: billy - at - billy.demon.nl
http://www.billy.demon.nl

Follow-Ups:
- Re: SSL/TLS server certificate
  - From: Mark Toung <mark@giddieup.net>

Prev by Date: LDAP_OPT_DESC
Next by Date: Re: SSL/TLS server certificate
Index(es):
- Chronological
- Thread