[Date Prev][Date Next]
Re: tls key exchange
-----BEGIN PGP SIGNED MESSAGE-----
Thomas Berg wrote:
| Ich tried for quite a long time to get tls/ssl encryption to work together
| with openldap. But it didn't work. This is my configuration.
| I went the normal way to generate the CA, the req and the cert.
| CA.pl -newca
| CA.pl -newcert
| CA.pl -signcert
| openssl rsa -in newreq.pem -out ldapkey.pem
| cp newcert.pem ldapcert.pem
| CA.pl verify ldapcert.pem (OK)
| generated a req and cert for the client (don't know if it is a must)
If all you want is encryption of the ldap traffic from php, a client
cert is not necessary, and most likely causing your problems.
Also, ensure that you are connecting to the LDAP server with the
hostname that is on the cert ..
Buchan Milne Senior Support Technician
Obsidian Systems http://www.obsidian.co.za
B.Eng RHCE (803004789010797)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org
-----END PGP SIGNATURE-----