[Date Prev][Date Next] [Chronological] [Thread] [Top]

Re: openldap 2.4.40 on RHEL7

To: "Real, Elizabeth (392K)" <Elizabeth.Real@jpl.nasa.gov>, "openldap-technical@openldap.org" <openldap-technical@openldap.org>
Subject: Re: openldap 2.4.40 on RHEL7
From: Michael Ströder <michael@stroeder.com>
Date: Sat, 15 Oct 2016 13:30:41 +0200
In-reply-to: <C44F35C4-6CC7-4EDA-9624-F39DA23C7762@jpl.nasa.gov>
Openpgp: id=43C8730E84A20E560722806C07DC7AE36A8BC938
References: <C44F35C4-6CC7-4EDA-9624-F39DA23C7762@jpl.nasa.gov>
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:43.0) Gecko/20100101 SeaMonkey/2.40

Real, Elizabeth (392K) wrote:
> Quick question about replication, I’m setting up an ldapclient to talk to my two
> LDAP servers which are replicating fine.
> 
> To be able to talk to both LDAP servers, do I need to scp the server certificate
> (cert.pem) from both servers into the ldapclient /etc/openldap/cacerts
> directory? I’m looking at this documentation to configure the ldap client using
> sssd: https://www.certdepot.net/ldap-client-configuration-authconfig/

If the OpenLDAP server is configured correctly you only need the CA public-key
certificate at the client side to validate the server public-key cert.

Ciao, Michael.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

References:
- openldap 2.4.40 on RHEL7
  - From: "Real, Elizabeth (392K)" <Elizabeth.Real@jpl.nasa.gov>

Prev by Date: openldap 2.4.40 on RHEL7
Next by Date: Public LDAP server, what do I need to know?
Index(es):
- Chronological
- Thread