[Date Prev][Date Next]
Re: TLS certs needed for Provider and consumer
Am Tue, 1 Jun 2010 14:33:28 -0400
schrieb "Sotomayor, Vicente (ITD)" <Vicente.Sotomayor@state.ma.us>:
> Hello Everyone:
> Does anyone a have a link the shows what steps are needed to for
> creating certs for a Provider and Consumer? I've been able to do it
> for Provider, but I'm stuck on what to do for the consumer.
What do you want to achieve? Is it just a TLS session or in addition a
SASL EXTERNAL authentication?
A startTLS session requires olcSyncrepl: starttls=yes
tls_cacert=/path/to/CA, you may add tls_reqcert=demand.
A SASL EXTERNAL authentication in addition requires a user certificate
and a certificate key.
Dieter Klünter | Systemberatung
GPG Key ID:8EF7B6C6