Re: Newbie OpenLDAP/SSL/Certificates question (now works)

[Stefan Champailler <schampailler@easynet.be>]

Howard,

Thank you for answering !

> older release. Given the detail present in your email I believe you have
> read carefully, so I must assume that (b) was the case.

I didn't read carefully (and was using 2.2.15). When you browse through the 
whole documentation needed to get started with 
openldap/ssl/sasl/Certificates/etc. it's not obvious to catch the detail that 
some parts of the man page called "ldap.conf" actually relates to ".ldaprc", 
although it's written in it. The way one reads is "ldap.conf" is "this is 
information for the file ldap.conf, therefore I go to the options described 
there and assume they belong to ldap.conf". I think it's very human and 
happened to other on the mailing-list (see PS). Maybe, a small modification 
to the man page like the following would help a bit (adding a note in the FAQ 
would be nice as well) ? :

TLS_CERT <filename>
    Specifies the file that contains the client certificate. This is a 
user-only option and is only recognized in .ldaprc. 


Concerning those spaces in LDIF, althouhg it's clear that there are rules for 
them, it wouldn't hurt to remind in the "OpenLDAP SSL/TLS How-To" to pay 
attention to them (just for people like me who are starting from scratch and 
can have difficulties in figuring such problems, esp. when error messages are 
not helping much)


Thank you for your understanding :)

stF


PS: Other who had difficulties in understanding... :

http://www.openldap.org/lists/openldap-software/200307/msg00032.html
http://www.openldap.org/lists/openldap-software/200309/msg00037.html