[Date Prev][Date Next]
[Chronological]
[Thread]
[Top]
Re: Allow invalid certificates for a single host
but I can. As I mentioned in my original post, adding this to ~/.ldaprc
or /etc/openldap/ldap.conf makes ldapsearch work perfectly fine:
HOST server.domain.com
PORT 636
TLS_REQCERT allow
The problem is with applying this configuration to the one host while
still setting my default configuration for SASL certificate-based
authentication to everything else. How do I do that?
or, to ask the question differently, forget the fact that I'm dealing
with an invalid cert. There's no need to to get hung up on that detail.
I have one ldaprc configuration that I need to define for a host, and a
default ldaprc configuration I need to define for all other hosts. How
do I make them work together?
--
Jared
On 10/09/2013 01:06 PM, Michael Ströder wrote:
> Jared wrote:
>> expired and self-signed.
>
> You cannot work around expired certs. But in case of self-signed certs you can
> put them into trusted CA certs file.
>
> Ciao, Michael.
>