[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS LDAP Configuration w/Linux 5.0

To: "Mathis, Jim" <jim.mathis@lmco.com>
Subject: Re: TLS LDAP Configuration w/Linux 5.0
From: Buchan Milne <bgmilne@staff.telkomsa.net>
Date: Thu, 21 Feb 2008 17:47:58 +0200
Cc: openldap-technical@openldap.org
Content-disposition: inline
In-reply-to: <673954B3D6E9A14199B78659C4AD37EE0422CFD0@emss04m05.us.lmco.com>
References: <673954B3D6E9A14199B78659C4AD37EE0422CFCE@emss04m05.us.lmco.com> <200802210928.09826.bgmilne@staff.telkomsa.net> <673954B3D6E9A14199B78659C4AD37EE0422CFD0@emss04m05.us.lmco.com>
User-agent: KMail/1.9.7

Please keep replies on-list.

On Thursday 21 February 2008 17:00:11 Mathis, Jim wrote:
> Buchan,
>
> Thanks for the info. I want to ensure when I create the certificates
> that I'm doing it correctly. As follows:
>
> LDAP Server IP: 192.168.10.1
> Host name: node01
> suffix: dc=S80,dc=com
>
> Do I create a Certificate Common Name using "node01.S80.com" or "node01"

You use the name that you are going to use to connect to the host with. The 
real fqdn does not matter ....

So, if you are going to use:

URI ldaps://www.microsoft.com

then create a cert for www.microsoft.com

(of course, you should ensure that the name you use resolves to the IP)

Regard,s
Buchan

References:
- TLS LDAP Configuration w/Linux 5.0
  - From: "Mathis, Jim" <jim.mathis@lmco.com>
- Re: TLS LDAP Configuration w/Linux 5.0
  - From: Buchan Milne <bgmilne@staff.telkomsa.net>

Prev by Date: Re: Ppolicy issues
Next by Date: Re: Ppolicy issues
Index(es):
- Chronological
- Thread