[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Slapd, GNUTLS on Debian/Squeeze
- To: openldap-technical@openldap.org
- Subject: Re: Slapd, GNUTLS on Debian/Squeeze
- From: Reinaldo de Carvalho <reinaldoc@gmail.com>
- Date: Fri, 20 May 2011 14:43:46 -0300
- Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=gamma; h=domainkey-signature:mime-version:in-reply-to:references:date :message-id:subject:from:to:content-type; bh=WivaMlR91r/6CKATjcKzAh+QUs/FKyjzxdapRPEOGhs=; b=rRHvmvFdGJsjKJQoO1xwLKY1AUUT27Ea2Abc3zvRleslBIQaYPkzK7ueNhcV+nNHDm l4RCyWpgC4Qiny/C48MK8E6N3HyD+GybMk/JrLDXE0S3GRdYrwWQdAgAgJ699X4fmSey 2RTMO+9efZKZr7jNajzK5IUfSACcvZzBiufEY=
- Domainkey-signature: a=rsa-sha1; c=nofws; d=gmail.com; s=gamma; h=mime-version:in-reply-to:references:date:message-id:subject:from:to :content-type; b=BjgpQs4HIPD1U/4n2TU39oucAuvniJ7pavo3LkAzIx1TiK+6AWaV44P4h9/vtQAw+v Ty7a1rMiVxwJEkdMbrT/WOdju3CSrmYsQeeeJSVdmDUix2OYUa1mTxe7egXnH6hsqJjT WbaIFH4idBqU63EKcnIYBI5WdPYklNzGprdlQ=
- In-reply-to: <20110520095005.GP7489@nowhere.eden>
- References: <20110520095005.GP7489@nowhere.eden>
On Fri, May 20, 2011 at 6:50 AM, David Dumortier <d.dumortier@free.fr> wrote:
[...]
> I generated a self-signed certificate with these options :
> certtool --generate-privkey --outfile /etc/ldap/ssl/mykey.key
> certtool --generate-request --load-privkey /etc/ldap/ssl/mykey.key --outfile
> /etc/ldap/ssl/mycsr.csr
[..]
> Here is my slapd conf :
> olcTLSVerifyClient: demand
> olcTLSCertificateFile: /etc/ldap/ssl/mycsr.csr
> olcTLSCertificateKeyFile: /etc/ldap/ssl/mykey.key
>
CSR = Certificate signing request [1]
# Create a private key and a self-signed certificate (public key inside).
$ openssl req -x509 -newkey rsa:2048 -nodes -key Example_CA.key -out
Example_CA.cer -days 7305
[1] http://en.wikipedia.org/wiki/Certificate_signing_request
--
Reinaldo de Carvalho
http://korreio.sf.net
http://python-cyrus.sf.net
"While not fully understand a software, don't try to adapt this
software to the way you work, but rather yourself to the way the
software works" (myself)