[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: SASL Mech EXTERNAL disabled?

To: Dieter Kluenter <dieter@dkluenter.de>
Subject: Re: SASL Mech EXTERNAL disabled?
From: Howard Chu <hyc@symas.com>
Date: Mon, 28 Sep 2009 21:56:55 -0700
Cc: openldap-software@openldap.org
In-reply-to: <87iqf2fjjz.fsf@rubin.avci.de>
References: <87fxa6ddkl.fsf@magenta.l4b.de> <alpine.BSO.2.00.0909281831270.31272@vanye.sendmail.com> <87iqf2fjjz.fsf@rubin.avci.de>
User-agent: Mozilla/5.0 (X11; U; Linux x86_64; rv:1.9.1b5pre) Gecko/20090909 SeaMonkey/2.0a1pre Firefox/3.0.3

Dieter Kluenter wrote:

The update was from 2.4.17 to 2.4.18 build with openssl.

,----[ ldaprc ]
| BASE o=avci,c=de
| TLS_CACERT      /home/dieter/certs/avciCA.pem
| TLS_CERT        /home/dieter/certs/dkluenter.pem
| TLS_KEY         /home/dieter/certs/dkluenter-key.pem
| TLS_CIPHER_SUITE        HIGH
| TLS_REQCERT     demand
`----

,----[ cn=config.ldif ]
| olcTLSCACertificateFile: /etc/openldap/certs/avciCA.pem
| olcTLSCertificateFile: /etc/openldap/certs/magenta.pem
| olcTLSCertificateKeyFile: /etc/openldap/certs/magenta-key.pem
| olcTLSCipherSuite: HIGH:MEDIUM
| olcTLSVerifyClient: demand
`----


Still works for me. Have your certificates expired?
--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

Follow-Ups:
- Re: SASL Mech EXTERNAL disabled?
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

References:
- SASL Mech EXTERNAL disabled?
  - From: "Dieter Kluenter" <dieter@dkluenter.de>
- Re: SASL Mech EXTERNAL disabled?
  - From: Philip Guenther <guenther+ldapsoft@sendmail.com>
- Re: SASL Mech EXTERNAL disabled?
  - From: "Dieter Kluenter" <dieter@dkluenter.de>

Prev by Date: Re: SASL Mech EXTERNAL disabled?
Next by Date: Re: SASL Mech EXTERNAL disabled?
Index(es):
- Chronological
- Thread