
Re: tls key exchange



Thomas Berg wrote:
| hi
|
| I tried for quite a long time to get tls/ssl encryption to work together
| with openldap. But it didn't work. This is my configuration.
|
| I went the normal way to generate the CA, the req and the cert.
|
| CA.pl -newca
| CA.pl -newcert
| CA.pl -signcert
| openssl rsa -in newreq.pem -out ldapkey.pem
| cp newcert.pem ldapcert.pem
| CA.pl verify ldapcert.pem (OK)
|
| generated a req and cert for the client (don't know if it is a must)

If all you want is encryption of the ldap traffic from php, a client
cert is not necessary, and is most likely causing your problems.

Also, ensure that you are connecting to the LDAP server with the
hostname that is on the cert.

Regards,
Buchan

--
Buchan Milne                      Senior Support Technician
Obsidian Systems                  http://www.obsidian.co.za
B.Eng                                RHCE (803004789010797)
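
Added example, not part of the original message: a shell check of which names a client can use in its ldap URI for a given server certificate, which is the hostname point made in the reply above. The certificate is a throwaway generated here to stand in for ldapcert.pem, ldap.example.com and the other names are placeholders, and -checkhost needs OpenSSL 1.0.2 or later.

```shell
#!/bin/sh
# Constructed demo: a throwaway self-signed cert stands in for ldapcert.pem.
# ldap.example.com is a placeholder name, not taken from the thread.

make_demo_cert() {
    # $1 = output directory, $2 = hostname placed in the subject CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 \
        -subj "/CN=$2" \
        -keyout "$1/ldapkey.pem" -out "$1/ldapcert.pem" 2>/dev/null
}

cert_matches_host() {
    # $1 = certificate file, $2 = hostname the client puts in its ldap URI.
    # -checkhost runs OpenSSL's own hostname comparison against the cert;
    # it always exits 0, so the verdict is read from its output.
    openssl x509 -in "$1" -noout -checkhost "$2" \
        | grep -q "does match certificate"
}

report() {
    if cert_matches_host "$1" "$2"; then
        echo "OK    $2"
    else
        echo "FAIL  $2 (name is not on the cert)"
    fi
}

demo() {
    dir=$(mktemp -d) || return 1
    make_demo_cert "$dir" ldap.example.com || return 1
    # Show the name the cert was issued for.
    openssl x509 -in "$dir/ldapcert.pem" -noout -subject
    # Full name, short name, localhost and an IP (all constructed samples).
    for name in ldap.example.com ldap localhost 192.0.2.10; do
        report "$dir/ldapcert.pem" "$name"
    done
    rm -rf "$dir"
}

demo
```

Only the exact name on the certificate passes; the short name, localhost and the IP address all fail, so the client has to be pointed at that name rather than the cert check being relaxed.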