[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: fedora and openldap

On 04/12/2011 02:20 PM, Quanah Gibson-Mount wrote:
--On Tuesday, April 12, 2011 9:57 PM +0200 Judith Flo Gaya <jflo@imppc.org> wrote:

I changed the ldap.conf file in the client so instead of TLS_CACERTDIR
now I'm using TLC_CACERT <file.pem>

MozNSS can't use pem files. It uses a cert database. So your MozNSS linked clients will never work if you point them at a OpenSSL style pem file.
It can and does use PEM files. Everything in http://www.openldap.org/faq/data/cache/185.html also applies to using openldap with Mozilla NSS.

Note that http://www.openldap.org/faq/index.cgi?file=1514 describes how to use openldap with the native MozNSS key/cert database. It works with both PEM files and key/cert dbs.



Quanah Gibson-Mount
Sr. Member of Technical Staff
Zimbra, Inc
A Division of VMware, Inc.
Zimbra ::  the leader in open source messaging and collaboration