[Date Prev][Date Next]
Another question about LDAP over SSL
- To: firstname.lastname@example.org
- Subject: Another question about LDAP over SSL
- From: Bryan Boone <email@example.com>
- Date: Mon, 12 Jul 2010 19:20:58 -0700 (PDT)
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=yahoo.com; s=s1024; t=1278987658; bh=M6b+gKn0+h+wf0hkOIvU/SPno0YodpnpRlBQWFc30gk=; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=0Zq3B2Ng0nxQ32YvbIsVA67IgBaLOin+KuMQB/8JSTUaIP19ulUaFAceGZm2Kw0+Mci0gL9ChbvAPe2x+crtVI2/8IPQB2NRLD20Woo141vBv82h8WgMpKe5WGdDoPZWWwDr7iAxiXgCJV7twsWxS2MmKozWj+rxhMqJGtVVliQ=
- Domainkey-signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:X-YMail-OSG:Received:X-Mailer:Date:From:Subject:To:MIME-Version:Content-Type; b=jb/8WFpwBQmfjDqT1+6iHn0Pv+9QX0tk95zCRiBPzq8qC931SaimU7lJJeSNGpWLxRX+XbOcNbptyHJVHiPzEcC4ta2IUn4suovx5Rc7SYnY3i5AD46O0VYo1Pj14Zt8njCiOI5itI6EpPNiMWN3IGB6BRE7fGg99hU/dU+aGJs=;
Hi everyone. I have another "duh" question.
I am writing software for a proprietary piece of hardware. I will be using the C libraries for openldap. I need to write some functions for LDAP so that the UI of the software has the option to authenticate a user via LDAP and LDAP over SSL. Basically it will just act like a client that will Simple Bind to the LDAP server for authentication.
I followed the instructions on the website to generate the SSL certs.
My question is, on the website above it says....
"You must also install a copy of the CA certificate on all of your client machines. Configuration is done in /usr/local/etc/openldap/ldap.conf:"
Does this mean I need to provide a way to the customer to manually transfer his/her CA cert the proprietary hardware, if they want to use LDAP over SSL??? Or when I use the Start TLS function, do the certs automatically get transfered behind the scene?