[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: TLS certs needed for Provider and consumer

Am Tue, 1 Jun 2010 14:33:28 -0400
schrieb "Sotomayor, Vicente (ITD)" <Vicente.Sotomayor@state.ma.us>:

> Hello Everyone:
> Does anyone a have a link the shows what steps are needed to for
> creating certs for a Provider and Consumer? I've been able to do it
> for Provider, but I'm stuck on what to do for the consumer.

What do you want to achieve? Is it just a TLS session or in addition a
SASL EXTERNAL authentication?
A startTLS session requires olcSyncrepl: starttls=yes
tls_cacert=/path/to/CA, you may add tls_reqcert=demand.
A SASL EXTERNAL authentication in addition requires a user certificate
and a certificate key.


Dieter Klünter | Systemberatung
sip: +49.40.20932173