
Re: TLS



I have just documented how to do this, but it's in Spanish; I hope you can 
understand

http://www.linuxchange.com/opendocs/procedures/pki/index.es.html
http://www.linuxchange.com/opendocs/procedures/pki/admin.es.html

Remember, OpenLDAP needs non-crypt certs; use the -node option

On Wednesday 06 April 2005 15:33, Zoltan Gyula Beck wrote:
> Hi!
>
> I have a problem implementing TLS with slapd. I asked on a few lists
> but I didn't get an answer :(
> I'm using Debian Sarge, with slapd and gnutls-bin installed. I made a
> self-certified certificate:
> $ certtool --generate-privkey --outfile ca-key.pem
> $ certtool --generate-self-signed --load-privkey ca-key.pem --outfile
> ca-cert.pem
>
> In slapd.conf and ldap.conf I set the TLS options.
> I tried an ldapsearch:
>
> TLS certificate verification: depth: 0, err: 66, subject: C=, ST=Pest,
> L=Budapest, O=AITIA Inc., OU=IT, CN=bzg/Email=sysadmin@aitia.ai,
> issuer: C=, ST=Pest, L=Budapest, O=AITIA Inc., OU=IT,
> CN=bzg/Email=sysadmin@aitia.ai
> TLS certificate verification: Error, Unknown error
> TLS: can't connect.
> ldap_perror
> ldap_bind: Can't contact LDAP server (81)
>       additional info: Error in the certificate.
>
> $hostname --fqdn
> $bzg
>
> Any opinion?
>
> Zoltan
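
The reply above says slapd needs a key file that is not passphrase-protected. The following is an added example, not part of the thread or of OpenLDAP, that classifies a PEM key file by its armor lines and also rejects a world-readable plaintext key; the function names and sample files are hypothetical and constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread): classify a PEM key file by its armor
# lines before pointing slapd at it. Function names are hypothetical.

# Prints: encrypted-pkcs8 | encrypted-legacy | plaintext | no-key | unreadable
pem_key_state() {
    [ -r "$1" ] || { echo unreadable; return 0; }
    if grep -q -e '^-----BEGIN ENCRYPTED PRIVATE KEY-----' "$1"; then
        echo encrypted-pkcs8
    elif grep -q -e '^-----BEGIN .*PRIVATE KEY-----' "$1"; then
        # Traditional format: encryption is flagged by a header inside the block.
        if grep -q -e '^Proc-Type: 4,ENCRYPTED' "$1"; then
            echo encrypted-legacy
        else
            echo plaintext
        fi
    else
        echo no-key
    fi
}

# Succeeds only for a passphrase-free key that is not world-readable.
slapd_key_ok() {
    [ "$(pem_key_state "$1")" = plaintext ] || return 1
    [ -z "$(find "$1" -prune -perm -0004)" ]
}

# Constructed samples: real armor lines, placeholder bodies (not usable keys).
write_samples() {
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Proc-Type: 4,ENCRYPTED' \
        'DEK-Info: DES-EDE3-CBC,0000000000000000' '' 'Q09OU1RSVUNURUQ=' \
        '-----END RSA PRIVATE KEY-----' > "$1/legacy-enc.pem"
    printf '%s\n' '-----BEGIN ENCRYPTED PRIVATE KEY-----' 'Q09OU1RSVUNURUQ=' \
        '-----END ENCRYPTED PRIVATE KEY-----' > "$1/pkcs8-enc.pem"
    printf '%s\n' '-----BEGIN RSA PRIVATE KEY-----' 'Q09OU1RSVUNURUQ=' \
        '-----END RSA PRIVATE KEY-----' > "$1/plain.pem"
    printf '%s\n' '-----BEGIN CERTIFICATE-----' 'Q09OU1RSVUNURUQ=' \
        '-----END CERTIFICATE-----' > "$1/cert.pem"
    chmod 600 "$1/plain.pem"
}

# Usage: sh check.sh key.pem ...   (prints one state per file)
for f in "$@"; do
    echo "$f: $(pem_key_state "$f")"
done
```
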