[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: simple question

To: Aleksandar Karalejić <aleksandar.karalejic@pstech.rs>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: simple question
From: Howard Chu <hyc@symas.com>
Date: Thu, 28 Jan 2016 05:09:35 +0000
In-reply-to: <9EEB414549AD7440BC3571E0861FE9932ECD8EF6@pst-mail1.pstech.rs>
References: <9EEB414549AD7440BC3571E0861FE9932ECD7CB5@pst-mail1.pstech.rs> <56A634D8.8080100@symas.com> <9EEB414549AD7440BC3571E0861FE9932ECD8EF6@pst-mail1.pstech.rs>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:45.0) Gecko/20100101 Firefox/45.0 SeaMonkey/2.42a1

Aleksandar Karalejić wrote:

Hi Howard,

Is there any way discard sending private key (or keeping it in the file) on
the file system.


The private key is not sent anywhere.

Can you explain why is private key needed for certificate
based authentication?

Read up on how public-key cryptography works. That is not anything specific toOpenLDAP.

The private key is required to prove that you are the owner of the certificatebeing used.


--
  -- Howard Chu
  CTO, Symas Corp.           http://www.symas.com
  Director, Highland Sun     http://highlandsun.com/hyc/
  Chief Architect, OpenLDAP  http://www.openldap.org/project/

References:
- simple question
  - From: Aleksandar Karalejić <aleksandar.karalejic@pstech.rs>
- Re: simple question
  - From: Howard Chu <hyc@symas.com>
- RE: simple question
  - From: Aleksandar Karalejić <aleksandar.karalejic@pstech.rs>

Prev by Date: Re: OpenLdap + Cyrus SASL + MIT Kerberos credentials cache
Next by Date: Lastbind
Index(es):
- Chronological
- Thread