[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: help SSL on Openldap and java

s g <sirisha.kmb@gmail.com> writes:

> Thanks for replying. I was a bit occupied, so I could not back soon. Going by your mail, I went through
> the certificate generation process again. What I found is that for some reason, the cacert.pem file
> (which is the certificate for the CA) shows the following -
>  X509v3 extensions:
>             X509v3 Basic Constraints:
>                 CA:FALSE
> I am attaching the steps I followed and the certificate files generated as per the tutorial
> http://www.openldap.org/pub/ksoper/OpenLDAP_TLS.html#4.2.

Did you read the note on top of this paper?
> Shouldn't the above field be CA:true? Also, how do I make sure that the flag that you mentioned below
> gets set to "SSL server".

edit openssl.cnf accordingly, or use tinyCA to create a certificate


Dieter Klünter | Systemberatung
sip: +49.40.20932173