[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: Communicate from php/apache to openLDAP over LDAPS

To: openldap-technical@openldap.org
Subject: Re: Communicate from php/apache to openLDAP over LDAPS
From: "Dieter Kluenter" <dieter@dkluenter.de>
Date: Fri, 11 Jun 2010 14:58:47 +0200
In-reply-to: <AANLkTilCH4tOLrfKIZD6CTulKVS74G_7h7CtE8gVLwjX@mail.gmail.com> (Jérémy ESCOLANO's message of "Fri, 11 Jun 2010 11:57:09 +0200")
References: <AANLkTimZdDamAxBQlKaq9nZugTkpOFxDRg2K7OEHotKU@mail.gmail.com> <C077F5CF-3E9A-4562-8D34-451AB6C9B38A@u-pec.fr> <AANLkTimeVtXNYoDpHjoVBb_2u1QbsN563eKIX1nNt-Ha@mail.gmail.com> <4C11301F.3010009@symas.com> <5BE8F969-F3A3-4A72-A9E6-76D555D8ED58@internode.on.net> <AANLkTiluv2nON6LY_RkH6uCYRRi1iEvkLtBjY4b8Mm9H@mail.gmail.com> <20100611114729.0a3f4309@magenta.l4b.de> <AANLkTilCH4tOLrfKIZD6CTulKVS74G_7h7CtE8gVLwjX@mail.gmail.com>
User-agent: Gnus/5.1008 (Gnus v5.10.8) XEmacs/21.5-b29 (linux)

Jérémy ESCOLANO <jeremyescolano@gmail.com> writes:

> According to what's you are saying, Apache has to verify which
> certificate ? the CA certificate ? the apache server certificate or
> the ldap certificate?  Thank you for your information that help me to
> understand better.
[...]

As a client operation to ldap, apache has to verify the ldap server
certificate by using the signing certificate authority.
That's why the CA has to be provided to clients and clients have to be
told to request the server certificate.

-Dieter

-- 
Dieter Klünter | Systemberatung
sip: +49.40.20932173
http://www.dpunkt.de/buecher/2104.html
GPG Key ID:8EF7B6C6

Follow-Ups:
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Jérémy ESCOLANO <jeremyescolano@gmail.com>

References:
- Communicate from php/apache to openLDAP over LDAPS
  - From: Jérémy ESCOLANO <jeremyescolano@gmail.com>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Thierry Lacoste <lacoste@u-pec.fr>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Jérémy ESCOLANO <jeremyescolano@gmail.com>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Howard Chu <hyc@symas.com>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Indexer <indexer@internode.on.net>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Jérémy ESCOLANO <jeremyescolano@gmail.com>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Dieter Kluenter <dieter@dkluenter.de>
- Re: Communicate from php/apache to openLDAP over LDAPS
  - From: Jérémy ESCOLANO <jeremyescolano@gmail.com>

Prev by Date: Delta-syncrepl and delay in replication
Next by Date: Re: Restricting client access using pam_groupdn with dynamic groups : Was[Re: restrict host login based on group]
Index(es):
- Chronological
- Thread